102 matches found
Security update for mariadb
This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-35549: SHA2 auth plugin crash on large packets bsc1261413. CVE-2026-44168: wsrep SST unsafe parameter...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: atlantic: Fixed handling of fragment overflow in the RX path. The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds writ...
Astra Linux – Vulnerability in bluez
BlueZ is a Bluetooth protocol stack for Linux. In affected versions, there is a vulnerability in sdpcstateallocbuf, which allocates memory that will always remain locked in the singly linked list of cstates and will not be freed. This will lead to a memory leak over time. The allocated data can b...
SUSE CVE-2026-35549
An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...
UBUNTU-CVE-2026-35549
An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...
CVE-2026-35549
An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...
CVE-2026-35549
An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...
PT-2026-29985
Name of the Vulnerable Software and Affected Versions MariaDB Server versions prior to 11.4.10 MariaDB Server versions 11.5.0 through 11.8.5 MariaDB Server versions prior to 12.2.2 Description MariaDB Server is susceptible to a crash when using the caching sha2 password authentication plugin with...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004924)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004924 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000999)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000999 advisory. The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992925 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over...
Qualcomm Chipsets 输入验证错误漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing large packets, which could result in a denial of service...
CVE-2025-40292
In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix received length check in big packets Since commit 4959aebba8c0 "virtio-net: use mtu size as buffer length for big packets", when guest gso is off, the allocated size for big packets is not MAXSKBFRAGS PAGESIZE...
Linux Distros Unpatched Vulnerability : CVE-2025-40292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtio-net: fix received length check in big packets Since commit 4959aebba8c0 virtio-net: use mtu size as buffer length for big packets, when guest gso is off,...
net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets
...
EUVD-2008-0618
Malware in sbrugna...
EUVD-2005-3492
Malware in sbrugna...
EUVD-2016-5009
Malware in sbrugna...
EUVD-2022-55584
Malicious code in bioql PyPI...
SUSE CVE-2022-50271
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure:...