PT-2026-5011

Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.5.17 Description A long signature packet length can cause the parse signature function to return success while setting the sig-data pointer to a NULL value. This results in a denial of service, specifically an...

PT-2026-26671

Name of the Vulnerable Software and Affected Versions GNU C library versions 2.34 through 2.43 Description The GNU C library’s gethostbyaddr and gethostbyaddr r functions, when used with a configured nsswitch.conf file specifying the library’s DNS backend, may return invalid DNS hostnames. This...

PT-2026-25339

GNU inetutils telnetd versions prior to 2.8 Description A buffer overflow exists in the LINEMODE SLC Set Local Characters suboption handler of the telnetd daemon. The issue occurs because the add slc function does not verify if the buffer is full before copying data, leading to an out-of-bounds...

PT-2026-25097

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

PT-2026-26670

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.34 through 2.43 Description The GNU C Library contains a flaw where calling the gethostbyaddr or gethostbyaddr r functions with a specific nsswitch.conf configuration utilizing the library’s DNS backend may lead to a...

SUSE CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

Unity Linux 20.1070e Security Update: gdb (UTSA-2025-993326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993326 advisory. A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The...

EUVD-2025-205834

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the searchpath parameter...

CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the searchpath parameter...

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the searchpath parameter...

UBUNTU-CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the searchpath parameter...

CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

UBUNTU-CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

CVE-2025-66862

A flaw was found in binutils. Processing a specially crafted PE file with cxxfilt can trigger a heap-based buffer over-read in the gnuspecial function in the cplus-dem.c file, causing a crash and resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the...

UBUNTU-CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

OESA-2025-2859 binutils security update

The GNU Binutils are a collection of binary tools. The main ones are: ld - the GNU linker. as - the GNU assembler. addr2line - Converts addresses into filenames and line numbers. ar - A utility for creating, modifying and extracting from archives. c++filt - Filter to demangle encoded C++ symbols...

CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812 security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812

The CVE-2022-50812 issue affects the Linux kernel, arising from a bug in clang’s -fzero-call-used-regs implementation. The vulnerability can cause NULL pointer dereferences. The fix is to restrict CONFIG_ZERO_CALL_USED_REGS to a supported GCC version or a clang newer than 15.0.6 (and to cover the...