
15 matches found

EUVD
added yesterday, 4 views

EUVD-2026-35473

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, mod_verto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5 CVSS, 5.4 AI score
Exploits 0, References 2
Cvelist
added 2026/05/14 8:1 p.m., 32 views

CVE-2026-44636 libsixel: integer overflow in encoder

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel_encode entry point validates only that width and height are greater th...

7.4 CVSS, 0.00015 EPSS
Exploits 0, References 1
NVD
added 2026/05/11 6:16 p.m., 8 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INT_MAX-1 (2147483646) digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2 CVSS, 0.00014 EPSS
Exploits 1, References 1
ATTACKERKB
added 2026/05/11 5:20 p.m., 8 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INT_MAX-1 (2147483646) digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits 1, References 2, Affected Software 1
AlpineLinux
added 2026/05/11 5:20 p.m., 8 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INT_MAX-1 (2147483646) digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits 1, References 1
UbuntuCve
added 2026/04/14 10:16 p.m., 4 views

CVE-2026-33019

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INT_MAX are accepted without overflow-safe bounds...

7.1 CVSS, 5.9 AI score, 0.00007 EPSS
Exploits 1, References 3
RedHat Linux
added 2026/03/25 12:45 a.m., 5 views

kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUGONnhead INT_MAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

5.5 CVSS, 5.9 AI score, 0.00033 EPSS
Exploits 0, References 5
Cvelist
added 2025/10/07 3:19 p.m., 3 views

CVE-2023-53624 net/sched: sch_fq: fix integer overflow of "credit"

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_fq: fix integer overflow of "credit" if sch_fq is configured with "initial quantum" having values greater than INT_MAX, the first assignment of "credit" does signed integer overflow to a very negative value. In this...

0.00017 EPSS
Exploits 0, References 6
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-29061

Malicious code in bioql PyPI...

6.3 AI score, 0.00019 EPSS
Exploits 0, References 4
Tenable Nessus
added 2025/08/08 12:0 a.m., 1 views

Linux Distros Unpatched Vulnerability : CVE-2024-23851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing...

5.5 CVSS, 6.6 AI score, 0.00029 EPSS
Exploits 0, References 2
OSV
added 2025/07/04 2:15 p.m., 4 views

AZL-70418 CVE-2025-38201 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. Similar to: b541ba7d1f5a "netfilter: conntrack...

7.8 CVSS, 5.6 AI score, 0.00034 EPSS
Exploits 0, References 1
Positive Technologies
added 2025/07/04 12:0 a.m., 1 views

PT-2025-27976

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A vulnerability in the Linux kernel has been resolved, specifically in the netfilter component, where the maximum map bucket size was not properly clamped to INT_MAX. This could lead t...

7.8 CVSS, 6.8 AI score, 0.00034 EPSS
Exploits 0
RedHat Linux
added 2025/05/13 8:28 a.m., 2 views

kernel: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

5.5 CVSS, 6.8 AI score, 0.00036 EPSS
Exploits 0, References 5
BDU FSTEC
added 2024/08/21 12:0 a.m., 1 views

The vulnerability of the dm_table_create() function in the drivers/md/dm-table.c kernel module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the dm_table_create() function in the drivers/md/dm-table.c file of the Linux kernel relates to an attempt to allocate more than INT_MAX bytes and cause a crash due to the lack of checking for struct dm_ioctl.target_count. Exploiting this vulnerability could allow an attacker to...

5.5 CVSS, 6.2 AI score, 0.00025 EPSS
Exploits 0, References 8, Affected Software 4
OSV
added 2024/01/23 9:15 a.m., 2 views

AZL-34880 CVE-2024-23851 affecting package kernel for versions less than 6.6.35.1-4

copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl...

5.5 CVSS, 6.5 AI score, 0.00029 EPSS
Exploits 0, References 1