1366 matches found
CVE-2026-41257
A flaw was found in jq, a command line JSON processor. The memory allocation size is calculated using a signed integer that can overflow when processing deeply nested generator forks. This integer overflow allows an attacker who can supply a sufficiently nested input to influence the memory...
SUSE CVE-2026-43368
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential overflow of shmem scatterlist length When a scatterlists table of a GEM shmem object of size 4 GB or more is populated with pages allocated from a folio, unsigned int .length attribute of a scatterlist may...
CVE-2026-42144
A flaw was found in the CImg library. An integer overflow vulnerability in the WHD size computation inside loadpnm can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around, allocating an undersized buffer and potentially...
CVE-2026-43894
A flaw was found in jq, a tool used for processing JSON data from the command line. A remote attacker can exploit a vulnerability by providing a specially crafted large number as input. This can cause an internal calculation error, leading to a memory overflow where the attacker can write their o...
SUSE CVE-2026-43330
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwi...
Cowlib 资源管理错误漏洞
Cowlib is a web protocol message parsing and building library developed by Nine Nines. In versions 0.6.0 to 2.16.1 of Cowlib, there was a resource management error vulnerability. This vulnerability stemmed from the block transfer encoding parser in the cowhttpte module, which allowed unlimited...
Unity Linux 20.1060e / 20.1070e Security Update: apache-sshd (UTSA-2026-017596)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017596 advisory. A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port...
CVE-2026-43330 crypto: caam - fix overflow on long hmac keys
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwi...
PT-2026-38867
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...
PT-2026-38981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An overflow occurs in the crypto caam component when a key longer than the block size is supplied. The system copies and hashes the key into the real key, but the memory allocated for th...
PT-2026-39029
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/i915 component where the length attribute of a scatterlist may overflow when a scatterlists table of a GEM shmem object of 4 GB or more is populated with pages...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of overflowing the length of shared memory lists, potentially leading to an unexpected...
BIT-JAVA-MIN-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...
PT-2026-37816
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...
PT-2026-37617
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the APEI/GHES component where the ghes new function fails to properly validate the size of CPER records. While the logic prevents allocating records larger than GHES...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libsoup (UTSA-2026-015469)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015469 advisory. A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processin...
USN-8219-1 ujson vulnerabilities
Cameron Criswell discovered that UltraJSON contained a memory leak that would occur when parsing large integers. An attacker could possibly use this issue to cause UltraJSON to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS...
DEBIAN-CVE-2026-31590
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...
rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
The FFI trampolines behind SslContextBuilder::setpskclientcallback, setpskservercallback, setcookiegeneratecb, and setstatelesscookiegeneratecb forwarded the user closure's returned usize directly to OpenSSL without checking it against the &mut u8 that was handed to the closure. This can lead to...