JLSEC-2026-532

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

PT-2026-47098

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

Astra Linux - уязвимость в liblivemedia

In Live555 0.95, there is a buffer overflow due to a large integer in the Content-Length HTTP header. This occurs because the handleRequestBytes function uses a memmove operation without proper bounds...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: “vt: fix unicode buffer corruption when deleting characters” This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 “vt: fix memory overlapping when deleting chars in the buffer”. The solution is als...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed overlapping copies within dmlcoremodeprogramming REASON &modelib-mp.Watermark and &locals-Watermark are the same address. memcpy may lead to unexpected behavior. SOLUTION memmove should be used instead...

Astra Linux - уязвимость в lz4

There is a flaw in lz4. An attacker who submits a crafted file to an application that uses lz4 may be able to trigger an integer overflow, resulting in the call to memmove with a negative size argument. This can lead to an out-of-bounds write and/or a system crash. The most significant impact of...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105tabledeleteentry There are actually 2 problems: - Deleting the last element does not require moving elements. In fact, the element at position i+1 is out of bounds. The...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: kobjectuevent: Fixed issues related to OOB access within zapmodaliasenv. The zapmodaliasenv function incorrectly calculates the size of the memory block to be moved. This can lead to OOB out-of-band memory access issues if the...

Astra Linux - уязвимость в ntfs-3g

A properly crafted NTFS image can cause an integer overflow in the memmove function, resulting in a heap-based buffer overflow in the ntfsattrrecordresize function, as of NTFS-3G version 2021.8.22...

UBUNTU-CVE-2026-46433

Heap OOB Read in VLAN Decapsulation memmove...

CVE-2026-46433

Heap OOB Read in VLAN Decapsulation memmove...

CVE-2026-46433

Heap OOB Read in VLAN Decapsulation memmove...

SUSE CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond 1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for a...

CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

EUVD-2026-29163

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

Exploit for Operator Precedence Logic Error in Freebsd

CVE-2026-7270 FreeBSD local privilege escalation via exec...

CVE-2026-8084

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

CVE-2026-8084 OSGeo gdal HDF-EOS Grid File SWapi.c memmove out-of-bounds

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...