CVE-2026-43157

Summary: CVE-2026-43157 affects the Linux kernel octeontx2-af CGX driver. The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap, tx_fc_pfvf_bmap) are allocated during cgx_lmac_init() but not freed during cgx_lmac_exit(), enabling a kernel memory leak (kmemleak) when the driver is unbound and rebound. I...

CVE-2026-43157

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...

PT-2026-37497

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the octeontx2-af driver due to RX/TX flow-control bitmaps rx fc pfvf bmap and tx fc pfvf bmap being allocated by the cgx lmac init function but not released by th...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of freed memory during the resize operation in the md/bitmap functions. This could...

PT-2026-37503

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free race condition exists between the bitmap daemon work and bitmap resize functions. The daemon iterates over bitmap-storage.filemap without proper locking, while the resiz...

Linux Distros Unpatched Vulnerability : CVE-2026-43163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md/bitmap: fix GPF in writepage caused by resize race A General Protection Fault occurs in writepage during array resize: RIP: 0010:writepage+0x22b/0x3c0 mdmod...

EUVD-2026-27370

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4mbfindbygoal There's issue as follows: ... EXT4-fs mmcblk0p1: Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117 EXT4-fs...

PT-2026-37071

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system where the kernel may attempt to allocate blocks from a corrupted block group. This occurs because when EXT4 MB GRP BBITMAP CORRUPTe4b-bd info is...

DEBIAN-CVE-2026-42146

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-42146

CVE-2026-42146 affects the CImg Library (C++) where the nb_colors field read from BMP headers is used to compute an allocation size without validating against the remaining file size, enabling an out-of-memory condition when loading crafted untrusted BMPs. A patch (commit c3aacf5) fixes the issue...

CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

EUVD-2026-27077

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-42146

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

SUSE-SU-2026:21436-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...

OPENSUSE-SU-2026:20657-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...

JLSEC-2026-362

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

JLSEC-2026-363

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

JLSEC-2026-364

There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution...

TencentOS Server 2: ImageMagick (TSSA-2025:1011)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:1011 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...