16 matches found
Updated lcms2 packages fix security vulnerability
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254...
SUSE-SU-2026:22070-1 Security update for lcms2
This update for lcms2 fixes the following issues - CVE-2026-41254: integer overflow in CubeSize in cmslut.c bsc1264994. - CVE-2026-42798: integer overflow in ParseCube in cmscgats.c bsc1263703...
Amazon Linux 2023 : lcms2, lcms2-devel, lcms2-utils (ALAS2023-2026-1657)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1657 advisory. Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254 Little CMS lcms2 2.16 through 2.1...
SUSE CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
JLSEC-2026-491
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
FreeBSD : lcms2 -- Integer overflow (ca62e49c-4150-11f1-95f7-00a098b42aeb)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ca62e49c-4150-11f1-95f7-00a098b42aeb advisory. https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 reports: Little CMS...
CVE-2026-41254
A flaw was found in Little CMS. An integer overflow in the CubeSize function within cmslut.c occurs because the overflow check is performed after the multiplication. An attacker could exploit this vulnerability by providing a specially crafted input, potentially leading to information disclosure ...
ALPINE-CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
EUVD-2026-23668
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
PT-2026-33596
Name of the Vulnerable Software and Affected Versions Little CMS lcms2 versions prior to 2.19 Description An integer overflow occurs in the CubeSize calculation within the cmslut.c file because the overflow check is executed after the multiplication operation. Recommendations Update to a version...
Linux Distros Unpatched Vulnerability : CVE-2026-41254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254...
lcms2 -- Integer overflow
https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 reports: Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...