CVE-2026-41178 OpenTelemetry-Go's baggage parsing no longer caps raw header length

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes Parse to process arbitrarily large/invalid baggage headers and log errors, enabling DoS via oversized inputs. Versions 1.42.0 and 1.44.0 fix the issue...

CVE-2026-41178

CVE-2026-41178 affects OpenTelemetry-Go baggage parsing. The issue arises from removal of raw-length rejection in baggage header parsing, causing Parse to fully process very large or invalid baggage headers and log errors, enabling potential DoS via CPU/memory and log amplification. Concrete deta...

EUVD-2026-34021

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

DEBIAN-CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

opentelemetry-go's baggage parsing no longer caps raw header length

Summary https://github.com/open-telemetry/opentelemetry-go/pull/7880 removed raw-length rejection and it causes Parse to process arbitrarily large/invalid baggage headers and log errors, enabling DoS via oversized inputs. Details The commit removes the upfront baggage-string length check and the...

CVE-2026-46186

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe for every event/ACL/SCO/ISO type, without checking that the remaining...

CVE-2026-46186

The CVE-2026-46186 issue affects the Linux kernel Bluetooth virtio_bt driver. In virtbt_rx_handle(), the driver reads the leading pkt_type from the RX skb and forwards the remaining payload to hci_recv_frame() for all packet types (event/ACL/SCO/ISO) without verifying that the payload is large en...

EUVD-2026-32813

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe for every event/ACL/SCO/ISO type, without checking that the remaining...

CVE-2026-46186 Bluetooth: virtio_bt: validate rx pkt_type header length

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe for every event/ACL/SCO/ISO type, without checking that the remaining...

CVE-2026-45850

CVE-2026-45850 relates to the Linux kernel’s IPVS handling of IPv6: protocol checksum validation can fail when IPv6 extension headers precede the protocol header. The fix uses iph->len as the offset rather than the previous value, addressing the miscalc that allowed incorrect checksums. Affect...

CVE-2026-45850 ipvs: skip ipv6 extension headers for csum checks

In the Linux kernel, the following vulnerability has been resolved: ipvs: skip ipv6 extension headers for csum checks Protocol checksum validation fails for IPv6 if there are extension headers before the protocol header. iph-len already contains its offset, so use it to fix the problem...

PT-2026-43910

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload size in rxe rcv rxe rcv currently checks only that the incoming packet is at least header sizepkt bytes long before payload size is used. However, payload size subtracts both the...

CVE-2026-9054

The provided documents describe CVE-2026-9054 as a network-facing kernel panic triggered when an attacker sends packets (TCP, IL, RUDP, RUDP, or GRE) whose length is shorter than the header size. The description is consistent across NVD entries and related sources, but there are no explicit detai...

Astra Linux - уязвимость в libpcap

The sf-pcapng.c file in libpcap before version 1.9.1 does not properly validate the PHB header length before allocating memory...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. The length of the skb header is compared with the value supported by the hardware, which is received from the device control...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Validation of the totlen and ihl fields of the inner IPv4 packet has been added to the processing of decrypted IPTFS payloads in inputprocesspayload. A crafted ESP...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...

CLSA-2026-1779129849 httpd: Fix of CVE-2026-28780

CVE-2026-28780: modproxyajp: heap-based buffer overflow in ajpmsgcheckheader — message size check did not subtract AJPHEADERLEN, letting a crafted AJP reply write 4 bytes past the end of the heap buffer...