11243 matches found
GHSA-5V62-8FQ6-CP9M ImageMagick has an Infinite Loop in subimage-search with crafted image
An infinite loop in the subimage-search operation can happen when using a crafted image...
EUVD-2026-36180
ImageMagick has an Infinite Loop in subimage-search with crafted image...
RLSA-2023:7139 Moderate: samba security, bug fix, and enhancement update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version:...
SUSE-SU-2026:22424-1 Security update for containerd
This update for containerd fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265794. - CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of...
CVE-2026-54531
A flaw was found in pypdf before 6.13.0. A crafted PDF with outlines can trigger an infinite loop when merged into a PdfWriter, causing denial of service...
Linux Distros Unpatched Vulnerability : CVE-2026-52967
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/client: fix possible infinite loop and oob read in symlinkdata On 32-bit architectures, the infinite loop is as follows: len = p-ErrorDataLength == 0xffffff...
CVE-2026-54651
A flaw was found in pypdf. An attacker can craft a malicious PDF file that, when merged with threads or articles into a writer, can lead to an an infinite loop. This vulnerability can result in a Denial of Service DoS condition, making the affected system unresponsive. Mitigation If PDF processin...
CVE-2026-54530
A flaw was found in pypdf, a pure-python PDF library. An attacker can craft a malicious PDF file that, when processed by a system extracting text in layout mode, can lead to an infinite loop. This vulnerability results in a Denial of Service DoS, making the affected system unresponsive. Mitigatio...
EUVD-2026-38835
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix possible infinite loop and oob read in symlinkdata On 32-bit architectures, the infinite loop is as follows: len = p-ErrorDataLength == 0xfffffff8 u8 next = p-ErrorContextData + len next == p On 32-bit...
CVE-2026-52967
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix possible infinite loop and oob read in symlinkdata On 32-bit architectures, the infinite loop is as follows: len = p-ErrorDataLength == 0xfffffff8 u8 next = p-ErrorContextData + len next == p On 32-bit...
CVE-2026-52967
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix possible infinite loop and oob read in symlinkdata On 32-bit architectures, the infinite loop is as follows: len = p-ErrorDataLength == 0xfffffff8 u8 next = p-ErrorContextData + len next == p On 32-bit...
CVE-2026-52967 smb/client: fix possible infinite loop and oob read in symlink_data()
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix possible infinite loop and oob read in symlinkdata On 32-bit architectures, the infinite loop is as follows: len = p-ErrorDataLength == 0xfffffff8 u8 next = p-ErrorContextData + len next == p On 32-bit...
CVE-2026-52967
The CVE-2026-52967 issue affects the Linux kernel SMB client in the symlink_data() logic. On 32-bit architectures, it can cause an infinite loop due to len calculation (p->ErrorDataLength == 0xfffffff8) and an out-of-bounds read (len == 0xfffffff0) where next points to invalid memory (e.g., p ...
Security Bulletin: IBM WebSphere Liberty Operator is affected by multiple vulnerabilities
Summary IBM WebSphere Liberty Operator is affected by multiple vulnerabilities. Vulnerability Details CVEID:CVE-2026-33814 DESCRIPTION: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value o...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm, shmem: preventing infinite loops in truncate race conditions. When truncating a large swap entry, shmemfreeswap returns 0 when the entry’s index does not match the given index due to lookup alignment issues. The failure...
Astra Linux – Vulnerability in libheif
libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a crafted 800-byte HEIF sequence file could cause an infinite loop in the Boxstts::getsampleduration function. This loop consumed 100% of the CPU resources indefinitely, with no progress being made,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents infinite loops that occur when the next valid value is the same. When processing the valid field within the range valid : pos, if the valid value cannot be correctly retrieved—for example, if the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check the return value of indxfind to avoid infinite loops We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed dentry in the ntfs3 filesystem can cause the...
Astra Linux – Vulnerability in libarchive
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents further progress. This...
Astra Linux – Vulnerability in pypdf2
pypdf is a free and open-source Python-based PDF library. Prior to version 6.7.2, an attacker who exploited this vulnerability could create a PDF that would lead to an infinite loop. This required reading the file. This issue has been fixed in pypdf 6.7.2. As a workaround, one can manually apply...