Astra Linux - уязвимость в binutils

A issue was discovered in cp-demangle.c within GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many ‘P’ characters...

glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

A flaw was found in glibc the GNU C Library. When an application uses the gethostbyaddr or gethostbyaddrr functions with a nsswitch.conf configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS Domain Name System response. This crafted response can caus...

glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

A flaw was found in the GNU C library glibc. When applications use the gethostbyaddr or gethostbyaddrr functions with a nsswitch.conf configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to application...

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

GNU Binutils objdump bucomm.c display_info memory leak

...

ALSA-2026:19061 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

Security update for glibc (important)

openSUSE security update: security update for glibc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20764-1 Rating: important References: bsc1261206 bsc1262464 bsc1262465 Cross-References: CVE-2026-4046 CVE-2026-5450 CVE-2026-5928 CVSS scores:...

ALPINE-CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

CVE-2026-8696

CVE-2026-8696 affects radare2 6.1.5, specifically the GDB client core's gdbr_pids_list() function. The vulnerability is a use-after-free that can be triggered by malformed thread information responses, where qsThreadInfo fails after qfThreadInfo allocates RDebugPid structures. This leads to a dou...

CVE-2026-8696 radare2 6.1.5 Use-After-Free via gdbr_pids_list()

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...

CVE-2026-8696 radare2 6.1.5 Use-After-Free via gdbr_pids_list()

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...

CVE-2026-8696

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...

[SECURITY] Fedora 44 Update: rust-sequoia-chameleon-gnupg-0.13.1-12.fc44

Sequoia's reimplementation of the GnuPG interface...

Critical Photon OS Security Update - PHSA-2026-4.0-1017

Updates of 'glibc' packages of Photon OS have been released...

[SECURITY] [DSA 6271-1] gsasl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq -...

Medium: amazon-ecr-credential-helper

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

Medium: amazon-ecr-credential-helper

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

MGASA-2026-0128 Updated sed packages fix security vulnerability

Race Condition in GNU Sed. CVE-2026-5958...

Updated sed packages fix security vulnerability

Race Condition in GNU Sed. CVE-2026-5958...

GNU Privacy Guard 2.5.20

GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...