
35 matches found

OSV
added 2026/05/06 9:28 a.m., 2 views

SUSE-SU-2026:21533-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues. The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...

CVSS 7.8, AI score 7, EPSS 0.02194
Exploits 226, References 15

OSV
added 2026/02/26 3:7 p.m., 2 views

SUSE-SU-2026:0658-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. - CVE-2026-2443: out-of-bounds read when processing specially...

CVSS 9.1, AI score 7.3, EPSS 0.00605
Exploits 1, References 9

Tenable Nessus
added 2026/01/20 12:0 a.m., 6 views

MiracleLinux 8 : compat-exiv2-026-0.26-6.el8 (AXSA:2021-2671:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2671:03 advisory. exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS CVE-2021-31292 exiv2: Out-of-bounds read in...

CVSS 7.5, AI score 6, EPSS 0.00551
Exploits 1, References 4

Tenable Nessus
added 2026/01/20 12:0 a.m., 3 views

MiracleLinux 9 : frr-8.5.3-4.el9 (AXSA:2024-7889:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7889:04 advisory. frr: incorrect length check in bgpcapabilityllgr can lead to DoS CVE-2023-31489 frr: missing length check in bgpattrpsidsub can lead to DoS...

CVSS 9.1, AI score 8.5, EPSS 0.0424
Exploits 2, References 9

Rosalinux
added 2025/09/29 2:32 p.m., 3 views

Advisory ROSA-SA-2025-3026

Software: openjpeg2 2.4.0 OS: ROSA-CHROME unaffected versions = openjpeg2-2.4.0 affected versions openjpeg2-2.4.0 CVE-ID: CVE-2025-54874 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: In OpenJPEG versions 2.5.1-2.5.3, calling opjjp2readheader may cause heap overruns when the data stream is short and...

CVSS 9.8, AI score 7, EPSS 0.00325
Exploits 1

SUSE CVE
added 2025/09/05 11:22 p.m., 1 view

SUSE CVE-2025-39710

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

CVSS 5.5, AI score 6.5, EPSS 0.00016
Exploits 0, References 21

NVD
added 2025/08/21 3:15 p.m., 2 views

CVE-2025-52194

A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircamreadheader function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential co...

CVSS 7.5, EPSS 0.00348
Exploits 1, References 3

OSV
added 2025/08/05 3:15 p.m., 3 views

DEBIAN-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVSS 9.8, AI score 7.8, EPSS 0.00325
Exploits 1, References 1

OSV
added 2025/08/05 3:15 p.m., 0 views

ALPINE-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVSS 9.8, AI score 6.9, EPSS 0.00325
Exploits 1, References 1

OSV
added 2025/08/05 3:15 p.m., 2 views

UBUNTU-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVSS 9.8, AI score 7.3, EPSS 0.00325
Exploits 1, References 4

OSV
added 2023/08/29 4:15 a.m., 4 views

AZL-28617 CVE-2023-41360 affecting package frr for versions less than 8.5.3-2

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...

CVSS 9.1, AI score 6.7, EPSS 0.00282
Exploits 0, References 1

OSV
added 2023/08/29 4:15 a.m., 0 views

UBUNTU-CVE-2023-41360

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...

CVSS 9.1, AI score 6.7, EPSS 0.00282
Exploits 0, References 5

SUSE CVE
added 2023/02/15 6:1 a.m., 1 view

SUSE CVE-2009-4835

The 1 htkreadheader, 2 alawinit, 3 ulawinit, 4 pcminit, 5 float32init, and 6 sdsreadheader functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service divide-by-zero error and application crash via a crafted audio file...

CVSS 4.3, AI score 6.6, EPSS 0.00371
Exploits 0, References 3

SUSE CVE
added 2023/02/15 5:36 a.m., 1 view

SUSE CVE-2013-4365

Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...

CVSS 7.5, AI score 7.7, EPSS 0.06656
Exploits 0, References 4

SUSE CVE
added 2023/02/15 4:49 a.m., 1 view

SUSE CVE-2017-5601

An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive...

CVSS 4.8, AI score 6.9, EPSS 0.00982
Exploits 0, References 8

SUSE CVE
added 2023/02/15 4:34 a.m., 1 view

SUSE CVE-2018-1301

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode both log and build level...

CVSS 7.5, AI score 8.9, EPSS 0.07499
Exploits 0, References 9

SUSE CVE
added 2023/02/15 3:25 a.m., 3 views

SUSE CVE-2022-30780

Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service CPU consumption from stuck connections because connectionreadheadermore in connections.c has a typo that disrupts use of multiple read operations on large headers...

CVSS 7.5, AI score 7.4, EPSS 0.81499
Exploits 3, References 3

ATTACKERKB
added 2022/06/11 3:15 p.m., 1 view

CVE-2022-30780

Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service CPU consumption from stuck connections because connectionreadheadermore in connections.c has a typo that disrupts use of multiple read operations on large headers...

CVSS 7.5, AI score 5.9, EPSS 0.81499
Exploits 3, References 5

OSV
added 2022/06/11 3:15 p.m., 2 views

DEBIAN-CVE-2022-30780

Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service CPU consumption from stuck connections because connectionreadheadermore in connections.c has a typo that disrupts use of multiple read operations on large headers...

CVSS 7.5, AI score 7.3, EPSS 0.81499
Exploits 3, References 1

OSV
added 2020/03/24 9:15 p.m., 0 views

DEBIAN-CVE-2020-6078

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually results in ...

CVSS 7.5, AI score 8.1, EPSS 0.00549
Exploits 1, References 1