11040 matches found
Integer Overflow or Wraparound
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the payload size calculation within the Write process. An attacker can cause the process to enter an infinite loop and exhaust system resources by...
CVE-2026-39834
CVE-2026-39834 concerns a flaw in golang.org/x/crypto/ssh where writing data larger than 4GB in a single Write on an SSH channel triggers an integer overflow in the internal payload size calculation. The overflow causes the write loop to spin indefinitely, sending empty packets and making no prog...
GO-2026-5020 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an integer overflow in the calculation of the internal payload size when writing dat...
Unity Linux 20.1060e / 20.1070e Security Update: xerces-j2 (UTSA-2026-016680)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016680 advisory. There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser t...
Linux Distros Unpatched Vulnerability : CVE-2026-32739
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in...
RLSA-2025:14560 Moderate: python3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
python3 security update
An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...
SUSE CVE-2026-32739
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...
Astra Linux - уязвимость в golang-1.15
In Go, encoding/xml in versions before 1.15.9 and 1.16.x before 1.16.1 may lead to an infinite loop if a custom TokenReader used for xml.NewTokenDecoder returns EOF midway through an element. This issue can occur in the Decode, DecodeElement, or Skip methods...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: Avoid infinite loops caused by corrupted subpage compact indexes. Robert reported an infinite loop observed in two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loops when trying to resize the local TT. If the MTU of one of the attached interfaces becomes too small to transmit the local translation table, then it must be resized to fit within all fragments when...
Astra Linux - уязвимость в libxpm
A flaw was discovered in libXpm. This issue occurs when parsing a file with a comment that is not closed properly; the “end-of-file” condition will not be detected, leading to an infinite loop and causing a Denial of Service in the application that uses the library...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm, shmem: preventing infinite loops in the truncate race condition. When truncating a large swap entry, shmemfreeswap returns 0 when the entry’s index does not match the given index due to lookup alignment issues. The failure...
Astra Linux - уязвимость в connman
A issue was discovered in the DNS proxy of Connman through version 1.40. The TCP server reply implementation creates an infinite loop if no data is received...
Astra Linux - уязвимость в zziplib
The infinite loop in zziplib v0.13.69 allows remote attackers to cause a denial of service by using the return value “zzipfileread” in the function “unzzipcatfile”...
Astra Linux - уязвимость в libvncserver
A issue was discovered in LibVNCServer before version 0.9.13. An improperly closed TCP connection causes an infinite loop in the libvncclient/sockets.c file...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: ubiwlputpeb: Fixed an infinite loop that occurred when wear-leveling failed. The following process can trigger an infinite loop in ubiwlputpeb: c ubifsbgt ubibgt ubifslebunmap ubilebunmap ubiebaunmapleb...
Astra Linux - уязвимость в djvulibre
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error resource exhaustion caused by an infinite loop in GBitmap::readrleraw by creating a corrupted image file, which is related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp...
Astra Linux - уязвимость в libconvert-asn1-perl
Perl-Convert-ASN1 also known as the Convert::ASN1 module for Perl up to version 0.27 allowed remote attackers to create an infinite loop due to unexpected inputs...