CVE-2026-32836

drlibs drflac.h version 0.13.3 and earlier contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and...

DEBIAN-CVE-2026-28421

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault SEGV exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

USN-3234-2 linux-lts-xenial vulnerabilities

USN-3234-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not...