EUVD-2026-31400

golang.org/x/crypto/ssh vulnerable to infinite loop on large channel writes...

EUVD-2026-38883

In the Linux kernel, the following vulnerability has been resolved: erofs: unify lcn as u64 for 32-bit platforms As sashiko reported 1, lcn was typed as unsigned long or unsigned int sometimes, which is only 32 bits wide on 32-bit platforms, which causes lcn lclusterbits to be truncated at 4 GiB...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/mm: Ensure that the input to pfntokaddr is treated as a 64-bit type. On 64-bit platforms, the pfntokaddr macro requires that the input value be 64 bits. This ensures that valid address bits are not lost when shifting the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: The jump labels are called before parseearlyparam is executed. On 64-bit systems, calling jumplabelinit within setupfeaturekeys is too late because static keys may be used in subroutines of parseearlyparam, which in...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftlimit: avoided a possible division error in nftlimitinit divu64 divides an u64 value by an u32 value. nftlimitinit attempts to divide an u64 value by another u64 value; the appropriate math function div64u64 shou...

Astra Linux – Vulnerability in SQLite3

In SQLite 3.49.0 before 3.49.1, certain argument values passed to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A sznBig multiplication is not cast to a 64-bit integer, which can lead to incorrect memory allocations...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ftruncate: passing a signed offset. The old ftruncate system call, which used the 32-bit offt type, missed a sign extension when called in compat mode on 64-bit architectures. As a result, passing a negative length accidentally...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: A sleeping function is called from an invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks. In the fields nextid, foldercount, and filecount in the super block, the values were expanded to 64 bits, and mechanisms like BUGON were added to detect overflow...

Astra Linux – Vulnerability in glib2.0

A issue was discovered in GNOME GLib before versions 2.66.6 and 2.67.x before version 2.67.3. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. This overflow could potentially lead to memory corruption...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential out-of-bounds memory access occurred in nilfsfindentry. Syzbot reported that when searching records in a directory where the isize of an inode is corrupted and has a large value, memory access outside the...

openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an...

CVE-2026-34180

A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ASN.1 decoder. An attacker can crash the application or cause memory beyond the end of the input buffer to be loaded into the decoded ASN.1 object, by supplying very large input data. Applications that pass...

EUVD-2026-35476

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

CVE-2026-34180

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

ALPINE-CVE-2026-34180

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

CVE-2026-34180

CVE-2026-34180 describes a heap buffer over-read in OpenSSL’s DER/ASN.1 content parsing. On 64-bit Unix-like systems, a crafted ASN.1 primitive whose content exceeds 2 GB can cause the decoder to miscalculate content length, potentially leading to a read past the end of the input buffer or a cras...