52 matches found
Important: Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, and kpatch-patch-4_18_0-477_97_1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
SUSE-SU-2026:2518-1 Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
dnsmasq: dnsmasq: heap buffer overflow in cache via NAME_ESCAPE expansion
A heap buffer overflow was discovered in dnsmasq's DNS cache. When processing DNS responses, dnsmasq expands certain characters into longer escape sequences, but the cache buffer is not sized to hold the expanded result. A specially crafted DNS response can overflow this buffer, potentially...
Unbreakable Enterprise kernel security update
5.4.17-2136.355.3.3 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391459 CVE-2026-46333 5.4.17-2136.355.3.2 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount Maurizio Lombardi Orabug: 39368774 CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free i...
CVE-2026-2291
A heap buffer overflow was discovered in dnsmasq's DNS cache. When processing DNS responses, dnsmasq expands certain characters into longer escape sequences, but the cache buffer is not sized to hold the expanded result. A specially crafted DNS response can overflow this buffer, potentially...
RLSA-2026:13566 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in traffic control actct may lead to denial of service or privilege escalation CVE-2026-23270 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer overflow vulnerability exists in the Linux kernel. The vulnerability stems from the fuseadddirenttocache function not checking if the dirent size exceeds PAGESIZE, whi...
PT-2026-36324
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.16-rc1 and later Description An out-of-bounds write issue exists in the fuse add dirent to cache function within the FUSE subsystem. The system calculates a serialized directory entry dirent size based on the...
CVE-2026-5235
The vulnerability CVE-2026-5235 affects Axiomatic Bento4 (up to version 1.6.0-641). It targets MP4 File Parser, specifically AP4_BitReader::ReadCache in Ap4Dac4Atom.cpp, causing a heap-based buffer overflow. Exploitation is local and the exploit has been publicly disclosed. Details on affected pr...
CVE-2026-29775
The CVE-2026-29775 issue affects FreeRDP’s bitmap cache subsystem. A client-side heap out-of-bounds read/write occurs due to an off-by-one boundary check in bitmap_cache_put, allowing a malicious server to send a CACHE_BITMAP_ORDER (Rev1) with cacheId equal to maxCells and access cells[] one elem...
CLSA-2026-1772619215 Fix CVE(s): CVE-2026-25798, CVE-2026-25799, CVE-2026-26066
SECURITY UPDATE: integer overflow in pixel cache allocation - debian/patches/CVE-2026-25798.patch: add CacheOverflowSanityCheckGetSize to detect overflow in numberpixelspacketsize in OpenPixelCache - CVE-2026-25798 SECURITY UPDATE: infinite loop in IPTC metadata processing -...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length bsc1254400...
MiracleLinux 9 : bind-9.16.23-11.el9.1 (AXSA:2023-6228:06)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6228:06 advisory. bind: named's configured cache size limit can be significantly exceeded CVE-2023-2828 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : bind-9.11.4-26.P2.14.0.1.el7.AXS7 (AXSA:2023-6247:08)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6247:08 advisory. bind: named's configured cache size limit can be significantly exceeded CVE-2023-2828 Tenable has extracted the preceding description block directly from the...
SUSE CVE-2025-40267
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...
EUVD-2025-201588
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...
CVE-2025-40267
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...
DEBIAN-CVE-2025-40267
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...
UBUNTU-CVE-2025-40267
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...
CVE-2025-40267
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this...