CVE-2026-3196

CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...

CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

Astra Linux – Vulnerability in Qemu

An integer overflow issue was identified in the vmxnet3 NIC emulator of QEMU for versions up to v5.2.0. This issue can occur if a guest provides invalid values for the rx/tx queue size or other NIC parameters. A privileged guest user may exploit this flaw to crash the QEMU process on the host,...

Astra Linux – Vulnerability in gst-plugins-ugly1.0

GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, it triggered some edge-case bugs, particularly some integer overflows related to...

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows for an integer overflow in the regional allocator through regionalalloc. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be exploited remotely or locally...

Astra Linux – Vulnerability in libsndfile

Multiple signed integer overflows occur in the aureadheader function in src/au.c, as well as in the mat4open and mat4readheader functions in src/mat4.c within Libsndfile. This vulnerability allows an attacker to cause a Denial of Service or other unspecified impacts...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netlink: Fixed wraparounds of sk-skrmemalloc. Netlink has this pattern in some places: c if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; This issue was also fixed in commit 5a465a0da13e “udp: Fixe...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential integer overflow in imaappraisemeasurement. When ima-modsig is enabled, the rc parameter passed to evmverifyxattr may be negative, which could lead to an integer overflow issue...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: crypto: marvell/octeontx – prevents integer overflows The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s likely very little you can do to protect yourself. Nevertheless, we still try...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15, and Linux 6.1

An integer overflow flaw was discovered in the Linux kernel. This issue causes the kernel to allocate skbsharedinfo in the user space, which can be exploited in systems without SMAP protection, as skbsharedinfo contains references to function pointers...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed potential integer multiplication overflow errors. When multiplying values of different types, an overflow can occur even when storing the result in a larger type. This happens because the conversion is perform...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow during the processing of the acregmax mount option. The user-provided mount parameter acregmax, of type u32, is intended to have an upper limit. However, before it is validated, the value is...

Astra Linux – Vulnerability in ffmpeg

An integer overflow vulnerability exists in the function filtersobel in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

Astra Linux – Vulnerability in Nasm

There is an illegal address access in asm/preproc.c function: ismmacro within Netwide Assembler NASM 2.14rc16. This issue may lead to a denial of service due to out-of-bounds array access, as a certain conversion can result in a negative integer...

Astra Linux – Vulnerability in TIF format

A vulnerability was discovered in libtiff due to multiple potential integer overflows in the raw2tiff.c file. This flaw allows remote attackers to cause a denial of service or potentially execute arbitrary code through a crafted TIF image, triggering a heap-based buffer overflow...

Astra Linux – Vulnerability in TIF format

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or potentially execute arbitrary code through a crafted TIFF image, which triggers a heap-based buffer overflow...

Astra Linux – Vulnerability in PHP 8.1, PHP 7.3

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, and 8.3. before 8.3.14, uncontrolled long string inputs to the ldapescape function on 32-bit systems can lead to an integer overflow, resulting in an out-of-bounds write...