CVE-2026-44640 NanoMQ: QUIC Dialer Close Type Confusion

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

...

SUSE CVE-2022-49450

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen setting the bar too high for the prealloc rings AFRXRPC's listen handler lets you set the backlog up to 32 if you bump up the sysctl, but whilst the preallocation circular buffers have 32 slots in them, one of...

SUSE CVE-2024-44982

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpuformatpopulatelayout fails If the dpuformatpopulatelayout fails, then FB is prepared, but not cleaned up. This ends up leaking the pincount on the GEM object and causes a splat during DRM file closur...

DEBIAN-CVE-2020-1730

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...