11070 matches found
SUSE-SU-2026:21062-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing bsc1259711. - CVE-2026-3277...
PT-2026-31043
Loop with unreachable exit condition 'infinite loop' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use TOCTOU Race Conditions.This issue affects Mediawiki - GrowthExperiments Extension: 1.45.2, 1.44.4, 1.43.7...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indxfind to avoid...
Linux Distros Unpatched Vulnerability : CVE-2026-23451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a...
Aardvark-dns 资源管理错误漏洞
Aardvark-dns is a DNS server developed by Containers Open Source. Versions 1.16.0 to 1.17.0 of Aardvark-dns have a resource management vulnerability. This vulnerability arises from truncated TCP DNS queries and connection resets, which may cause Aardvark-dns to enter an irreversible infinite erro...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
RHEL 9 : libarchive (RHSA-2026:6647)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6647 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...
SUSE SLES15 / openSUSE 15 Security Update : expat (SUSE-SU-2026:1166-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1166-1 advisory. - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity...
SUSE CVE-2026-23451
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
SUSE CVE-2026-23472
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...
EUVD-2026-18745
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...
EUVD-2026-18702
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
CVE-2026-23472
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...
CVE-2026-23451
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
UBUNTU-CVE-2026-23472
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...
CVE-2026-23451
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
UBUNTU-CVE-2026-23451
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
CVE-2026-23472
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...
CVE-2026-23472
Summary: A Linux kernel vulnerability in the serial core (CVE-2026-23472) arises when handling PORT_UNKNOWN with a NULL transmit buffer, where uart_write_room() can report available space inconsistently with uart_write() , causing an infinite loop in drivers that rely on tty_write_room() to decid...