MiracleLinux 3 : libtiff-3.8.2-7.4.1AXS3 (AXSA:2009-380:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-380:01 advisory. The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file...

CVE-2025-71098 ip6_gre: make ip6gre_header() robust

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

MiracleLinux 9 : glib2-2.68.4-16.el9_6.2 (AXSA:2025-10648:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10648:03 advisory. glib: buffer overflow in setconnectmsg CVE-2024-52533 glib: Buffer Underflow on GLib through glib/gstring.c via function gstringinsertunichar...

OPENSUSE-SU-2026:20018-1 Security update for glib2

This update for glib2 fixes the following issues: Update to version 2.84.4. Security issues fixed: - CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. -...

CVE-2020-24658

Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to above any vulnerable arrays in the stack. The guard value is...

Amazon Linux 2023 : glib2, glib2-devel, glib2-static (ALAS2023-2025-1349)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1349 advisory. Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Tenable has extracted the preceding description block directly from the tested produ...

CVE-2026-22185

OpenLDAP Lightning Memory-Mapped Database LMDB versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline function of mdbload. When processing malformed input containing an embedded NUL byte, an unsigned offset calculation can underflow and cause...

Important: glib2

Issue Overview: Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Affected Packages: glib2 Issue Correction: Run dnf update glib2 --releasever 2023.10.20260105 or dnf update --advisory ALAS2023-2025-1349 --releasever...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. CVE-2025-14087: buffer underflow in the GVariant parser...

Important: glib2

Issue Overview: Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Affected Packages: glib2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Amazon Linux 2 : glib2, --advisory ALAS2-2025-3117 (ALAS-2025-3117)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3117 advisory. Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Tenable has...

PT-2026-4916

Name of the Vulnerable Software and Affected Versions Glib affected versions not specified Description A buffer underflow issue exists in Glib's content type parsing logic. The issue stems from storing the length of a header line in a signed integer, potentially causing integer wraparound with...

curl: Telnet Suboption Buffer Pointer Underflow in lib/telnet.c leads to Out-of-Bounds Read

Summary A buffer pointer underflow vulnerability exists in curl's telnet protocol handler lib/telnet.c. When processing telnet suboptions in the CURLTSSE state, the code unconditionally decrements the suboption buffer pointer by 2 subpointer -= 2, even when the CURLSBACCUM macro skips writing due...

wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()

...

SUSE CVE-2025-68362

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...

EUVD-2025-205092

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...

AZL-73063 CVE-2025-68362 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...

CVE-2025-68362

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...

UBUNTU-CVE-2025-68362

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...

CVE-2025-68362

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...