php: Fix of 2 CVEs

CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...

Astra Linux - уязвимость в libsoup2.4

A flaw was discovered in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeros...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bonding: A potential infinite loop has been prevented in the bondheaderparse function. The bondheaderparse function may enter an infinite loop if a stack of two bonding devices is set up. This occurs because skb-dev always points...

OSV-2026-548 UNKNOWN in ojph::local::precinct::parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=500177411 Crash type: UNKNOWN Crash state: ojph::local::precinct::parse ojph::local::resolution::parseoneprecinct ojph::local::tile::parsetileheader...

Linux Distros Unpatched Vulnerability : CVE-2026-23451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a...

SUSE CVE-2026-23451

In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...

CVE-2026-23451

In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...

CVE-2026-23451

In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...

PT-2026-30146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the bond header parse function. This function could enter an infinite loop when processing a stack of two bonding devices because skb-dev always...

CLSA-2025-1753124055 libsoup: Fix of 7 CVEs

CVE-2025-32050: fix overflow in appendparamquoted - CVE-2025-32052: fix heap buffer overflow in soupcontentsniffersniff - CVE-2025-32053: fix heap buffer overflow in snifffeedorhtml - CVE-2025-32907: soup-message-headers: correct merge of ranges - CVE-2025-46420: fix leak in...

Important: libsoup

Issue Overview: A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. CVE-2025-32906 A flaw was found in libsoup. The implementation of...

AZL-61567 CVE-2025-46420 affecting package libsoup for versions less than 3.0.4-6

A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...

UBUNTU-CVE-2025-46420

A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...

libsoup 安全漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup, which stems from a memory leak in the soupheaderparsequalitylist function when parsing an all-zero quality list...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

SUSE CVE-2024-47607

GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. 

...

PT-2024-40756 · Avif · Avif

Name of the Vulnerable Software and Affected Versions: avif affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the avifSequenceHeaderParse function, which is called by avifDecoderReset and avifDecoderParse...