3778 matches found
CVE-2026-43158
In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both trip this assertion in the leaf block freemap adjustment code after 20 minutes of running on my test VMs: ASSERTichdr-firstused = ichdr-count...
CVE-2026-43158 xfs: fix freemap adjustments when adding xattrs to leaf blocks
In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both trip this assertion in the leaf block freemap adjustment code after 20 minutes of running on my test VMs: ASSERTichdr-firstused = ichdr-count...
PT-2026-37498
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where incorrect freemap adjustments occur when adding extended attributes xattrs to leaf blocks. Specifically, when adding multiple xattrs, the...
CLSA-2026-1777974095 nghttp2: Fix of CVE-2026-27135
CVE-2026-27135: fix missing iframe-state validations to avoid assertion failure...
Astra Linux – Vulnerability in liblivemedia
In liveMedia/FramedSource.cpp within Live555, up to version 1.08, an assertion failure can occur, leading to an application exit through multiple SETUP and PLAY commands...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a race condition between the async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after setting BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jbd2: The assertion “jh-bfrozendata == NULL” failed when the journal was aborted. The following process will fail the assertion “jh-bfrozendata == NULL” in jbd2journaldirtymetadata: jbd2journalcommitTransaction; unlinkdir/a; jh-b...
Astra Linux – Vulnerability in bind9
In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions of BIND 9 Supported Preview Edition such as 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1, as well as the release version 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a...
Astra Linux – Vulnerability in Redis
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command specifically, a SET command. NOTE: this issue was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have any safety guarantees related to...
Astra Linux – Vulnerability in libstb
stbimage.h also known as the stb image loader, version 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...
Astra Linux – Vulnerability in libde265
There is an assertion scalinglistpredmatrixiddelta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding the file. This can allow attackers to cause a Denial of Service DoS by running the application with a crafted file, or potentially causing unspecified other impacts...
Astra Linux – Vulnerability in OpenLDAP
A flaw was discovered in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, thereby triggering an assertion failure. The greatest threat of this vulnerability is to system availability...
Astra Linux – Vulnerability in Mariadb 10.3
There is an assertion failure in MariaDB Server v10.9 and below due to the condition 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a race condition between balance operations and cancel/pause requests. Syzbot reported a panic that occurred as follows: Assertion failed: fsinfo-exclusiveoperation == BTRFSEXCLOPBALANCEPAUSED, in fs/btrfs/ioctl.c:46...
Astra Linux – Vulnerability in unbound
Unbound before version 1.9.5 allows assertion failures and denial of service in dnamepktcopy due to an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...
Astra Linux – Vulnerability in bind9
In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record that...
CVE-2025-56568
Assertion failure vulnerability in the PCO Protocol Configuration Options parser in the SMF Session Management Function component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol...
CVE-2025-56568
Open5GS contains an assertion-failure vulnerability in the PCO (Protocol Configuration Options) parser of the SMF (Session Management Function) component, affecting versions prior to 2.7.5. Remote attackers can trigger a denial-of-service by sending specially crafted NGAP messages with malformed ...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: nghttp2 (UTSA-2026-014315)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014315 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when use...
GHSA-J99G-7RQW-Q9JG nimiq-blockchain: Peer-triggerable panic during history sync
Impact HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into...