SUSE-SU-2026:21861-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues - CVE-2026-42308: integer overflow in font processing can lead to denial of service bsc1265359. - CVE-2026-42309: heap buffer overflow when processing nested list coordinates bsc1265153. - CVE-2026-42310: infinite loop and resource exhausti...

dnsmasq security update

An update is available for dnsmasq. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server...

RLSA-2026:19373 Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

CVE-2026-46138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

CVE-2026-46136

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...

UBUNTU-CVE-2026-46138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

EUVD-2026-32765

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

CVE-2026-46138

The CVE-2026-46138 issue affects the Linux kernel Bluetooth subsystem, specifically hci_le_create_big_complete_evt. A loop over BT_BOUND connections for a BIG handle may access ev->bis_handle[i++] without ensuring i

CVE-2026-46138 Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

CVE-2026-46138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

CVE-2026-46136

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...

CVE-2026-45864

A flaw was found in the Linux kernel's NTFS3 file system driver. This vulnerability allows a local attacker to trigger an infinite loop when the system attempts to process specific file system data. Successful exploitation can lead to a system hang, resulting in a Denial of Service DoS...

SUSE CVE-2026-45864

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...

glib 安全漏洞

Glib is a generic, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, and main loop abstractions. Glib has a security vulnerability that stems from an infinite loop during the certificate verification...

AlmaLinux 10 : .NET 8.0 (ALSA-2026:21286)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21286 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinit...

AlmaLinux 9 : .NET 8.0 (ALSA-2026:21293)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21293 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinite...

PT-2026-44261

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read and infinite loop exist in the hci le create big complete evt function. The function iterates over BT BOUND connections for a BIG handle using a while loop that...

CVE-2026-45953

A flaw was found in the Linux kernel's RAID5 module. When a low-level bitmap llbitmap bit state is unwritten in a degraded array, a missing check during write operations can cause the system to enter an infinite loop. This can lead to an I/O hang, effectively resulting in a Denial of Service DoS...

CVE-2026-39806

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':doreadchunkeddata!/5 in lib/bandit/http1/socket.ex terminates only when the last-chunk line 0\r\n is...

CVE-2026-46051

A flaw was found in the Linux kernel's md/raid5 component. When the retryalignedread function encounters an overlapped stripe, an issue in how stripes are released and processed can lead to an infinite loop. This prevents the system from resolving the overlap, resulting in a soft lockup and a...