JLSEC-2026-193

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function HL1MDLLoader::validateheader of the file assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to out-of-bounds read. An...

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986769 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Prevent state corruption in fpurestoresig The non-compacted slowpath uses copyfromuser a...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to the HL1MDLLoader::validateheader function, which doesn't check the file size before trying to access the buffer/header. An attacker can read data outside the intended buffer boundaries by manipulating the input...

Assimp 缓冲区错误漏洞

Assimp is an Assimp open source library. It is used to import and export various 3D model formats. A buffer error vulnerability exists in Assimp version 5.4.3, which stems from an out-of-bounds read problem in function HL1MDLLoader::validateheader in file...