CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

FreeBSD -- select(2) file descriptor set overflow causes stack overflow

Problem Description: libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. Impact: An...

FreeBSD-SA-26:16.libnv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:16.libnv Security Advisory The FreeBSD Project Topic: Stack overflow via select file descriptor set overflow Category: core Module: libnv Announced:...

[SECURITY] Fedora 42 Update: rust-protobuf-parse-3.7.2-1.fc42

Parse .proto files. Files are parsed into a protobuf::descriptor::FileDescriptorSet object using either: pure rust parser no dependencies protoc binary more reliable and compatible with Google's implementation...

SUSE CVE-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow

nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer...