24 matches found
UBUNTU-CVE-2026-46012
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix memory leaks in rxkadverifyresponse Fix rxkadverifyresponse to free the ticket and the server key under all circumstances by initialising the ticket pointer to NULL and then making all paths through the function after...
CVE-2026-46012
CVE-2026-46012 affects the Linux kernel's rxrpc path, specifically rxkad_verify_response(), where memory leaks could occur due to improper cleanup of the ticket and the server key. The fix initializes the ticket pointer to NULL and routes all paths after the first allocation to a single common ep...
CVE-2026-46012 rxrpc: Fix memory leaks in rxkad_verify_response()
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix memory leaks in rxkadverifyresponse Fix rxkadverifyresponse to free the ticket and the server key under all circumstances by initialising the ticket pointer to NULL and then making all paths through the function after...
PT-2026-43879
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A memory leak occurs in the rxkad verify response function within the rxrpc component. The issue arises when the ticket and...
SUSE CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
DEBIAN-CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347 Python-Multipart affected by Denial of Service via large multipart preamble or epilogue data
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347
The CVE-2026-40347 entry concerns Python-Multipart. Versions prior to 0.0.26 are vulnerable to a denial-of-service when parsing crafted multipart/form-data with large preambles/epilogues. The fix (0.0.26+) skips ahead on leading CR/LF data and discards epilogue data after the closing boundary. Af...
CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347 Python-Multipart affected by Denial of Service via large multipart preamble or epilogue data
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
Excessive Iteration
Overview python-multipart is an A streaming multipart parser for Python Affected versions of this package are vulnerable to Excessive Iteration in the parsing performed by multipart.py. An attacker can degrade performance by sending multipart requests with very large preamble or epilogue sections...
python-multipart affected by Denial of Service via large multipart preamble or epilogue data
Summary A denial of service vulnerability exists when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Details Two inefficient multipart parsing paths could be abused with attacker-controlled input. Before the first multipart boundary, the parser handled...
GHSA-MJ87-HWQH-73PJ python-multipart affected by Denial of Service via large multipart preamble or epilogue data
Summary A denial of service vulnerability exists when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Details Two inefficient multipart parsing paths could be abused with attacker-controlled input. Before the first multipart boundary, the parser handled...
PT-2026-33212
Name of the Vulnerable Software and Affected Versions Python-Multipart versions prior to 0.0.26 Description An issue exists when parsing crafted multipart/form-data requests containing large preamble or epilogue sections. Two inefficient parsing paths can be abused: the parser handles leading CR...
arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
...
SUSE CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
PT-2025-22209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. The issue is resolved by adding BHB mitigation to the epilogue for...