Astra Linux - уязвимость в binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. A heap-based buffer overflow in the bfdgetl32 function in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be...

Astra Linux - уязвимость в emacs

A vulnerability was discovered in GNU Emacs through version 28.2. The htmlfontify.el script has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir parameters come from external inputs, and these parameters are not escaped properly. If a...

Astra Linux - уязвимость в gmp

GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...

OESA-2026-2130 emacs security update

Emacs is the extensible, customizable, self-documenting real-time display editor. At its core is an interpreter for Emacs Lisp, a dialect of the Lisp programming language with extensions to support text editing. And it is an entire ecosystem of functionality beyond text editing, including a proje...

[SECURITY] Fedora 42 Update: insight-18.0.50.20260306-3.fc42

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

[SECURITY] Fedora 44 Update: glibc-2.43-4.fc44

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

CLSA-2026-1777541514 binutils: Fix of 3 CVEs

CVE-2025-66862: fix buffer overflow in gnuspecial cplus-dem.c - CVE-2025-66863: fix denial of service in ddiscriminator cp-demangle.c - CVE-2025-66865: fix denial of service in dprintcompinner cp-demangle.c...

[SECURITY] Fedora 44 Update: emacs-30.2-23.fc44

GNU Emacs is a powerful, customizable, self-documenting, modeless text editor. It contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor...

[SECURITY] Fedora 43 Update: emacs-30.2-7.fc43

GNU Emacs is a powerful, customizable, self-documenting, modeless text editor. It contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor...

CVE-2026-33845

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

SUSE CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...

[SECURITY] Fedora 43 Update: libgcrypt-1.11.1-4.fc43

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS. GnuTLS has a security vulnerability that stems from a logical error in handling multi-record OCSP responses. This vulnerability could allow remote attackers to cause clients to incorrectly accept revoked server...

Amazon Linux 2 : glibc, --advisory ALAS2-2026-3272 (ALAS-2026-3272)

The version of glibc installed on the remote host is prior to 2.26-64. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3272 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from t...

CLSA-2026-1777456776 glibc: Fix of CVE-2021-35942

CVE-2021-35942: fix integer overflow in wordexp positional parameter number...

CLSA-2026-1777446434 gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

Linux Distros Unpatched Vulnerability : CVE-2026-5435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and ca...

GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation

Exploit Title: GNU InetUtils telnetd - Remote Privilege Escalation Date: 2026-01-24 Exploit Author: Ali Guliyev infat0x Author GitHub: https://github.com/infat0x Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: GNU InetUtils 2.0...

ROS-20260429-73-0001

A vulnerability in the begfield function of the GNU Core Utilities GNU Coreutils sort component is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service...