869 matches found
PT-2026-43831
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kref leak exists in the SUNRPC component. In the gss alloc msg function, a kref get&gss auth-kref call was implemented to balance the gss put auth operation performed in gss release ms...
TencentOS Server 3: krb5 (TSSA-2026:0386)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0386 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2026-1755)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1755 advisory. Fix GSS-API resource leak CVE-2026-3039 Limit resolver server list size CVE-2026-3592 An unauthenticated remote attacker can crash any affected named instance with a single crafted DNS message...
Alibaba Cloud Linux 3 : 0118: krb5 (ALINUX3-SA-2026:0118)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0118 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-40355: A flaw was found in MIT...
CLSA-2026-1779461988 krb5: Fix of 3 CVEs
CVE-2024-3596: generate and verify Message-Authenticator MACs in libkrad to mitigate the BlastRADIUS attack on the RADIUS protocol; includes follow-up fix for uninitialized pointer dereference in kradpacketdecoderequest - CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap...
SUSE CVE-2026-42002
Concurrency and locking defects in GSS-TSIG...
USN-8294-1 postgresql-14, postgresql-16, postgresql-17, postgresql-18 vulnerabilities
It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. CVE-2026-6472 It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker...
USN-8293-1 bind9 vulnerabilities
Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...
USN-8293-1: Bind vulnerabilities
Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...
CVE-2026-42002
Concurrency and locking defects in GSS-TSIG...
CVE-2026-42002
Concurrency and locking defects in GSS-TSIG...
CVE-2026-42002 Concurrency and locking defects in GSS-TSIG
Concurrency and locking defects in GSS-TSIG...
CVE-2026-42002
CVE-2026-42002 relates to PowerDNS Authoritative (pdns) and is caused by concurrency and locking defects in GSS-TSIG. The Debian advisory notes these issues could lead to denial of service or information disclosure, and recommends upgrading to pdns 4.9.15-0+deb13u1. Connected sources also referen...
CVE-2026-42002 Concurrency and locking defects in GSS-TSIG
Concurrency and locking defects in GSS-TSIG...
PowerDNS Authoritative 安全漏洞
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has security vulnerabilities, which stem from concurrency and locking flaws in GSS-TSIG...
CVE-2026-3039
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...
CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...
Astra Linux – Vulnerability in bind9
In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the loop termination condition in gssfreeintokenpages. The intoken-pages array is not NULL-terminated. This results in the following KASAN issue: KASAN: Potential wild-memory-access in the range...
PowerDNS -- Multiple vulnerabilities
PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial of service in Recursor When using views, queries sent using TCP Proxy Protocol will select the view according to the address of the proxy, rather than the address of the initial query. This can lead to...