7 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-9639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes...
CVE-2026-9639
Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...
CVE-2026-9639
CVE-2026-9639 describes a nil-pointer dereference in LXD’s CreateCustomVolumeFromBackup. On Linux, affected versions are up to 6.8 and 5.21. An authenticated user with the ability to can_create_storage_volumes can trigger a denial of service by supplying a specially crafted custom-volume backup t...
CVE-2026-9639 Authenticated Denial of Service via Malicious Backup Tarball in LXD
Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...
PT-2026-52843
Name of the Vulnerable Software and Affected Versions LXD versions prior to 6.9 LXD version 5.21 Description A nil-pointer dereference occurs in the CreateCustomVolumeFromBackup function when processing a specially crafted custom-volume backup tarball that omits the expires at snapshot field. An...
CVE-2026-41648
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for an authenticated user to provide a crafted image or backup tarball that when...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the YAML metadata parsing process. An attacker can cause excessive memory consumption and potentially trigger an out-of-memory condition on the server by uploading a crafted image ...