CVE-2026-46023 dm mirror: fix integer overflow in create_dirty_log()

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

CVE-2026-46023

CVE-2026-46023 is a Linux kernel vulnerability in dm-mirror where create_dirty_log() could bypass argc checks due to an unsigned add of 2 + param_count, allowing an out-of-bounds read in argv when param_count is near UINT_MAX. The root cause is an overflow in argument count calculation before val...

EUVD-2026-32404

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

CVE-2026-46023

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

SUSE-SU-2026:2091-1 Security update for php7

This update for php7 fixes the following issues - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. - CVE-2026-6735: improper validation of the request URI within the PHP-FPM status page can lead to XSS bsc1264775. - CVE-2026-7258: signed char...

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.17.0 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.17.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2022-23990 DESCRIPTION: Expat aka...

Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

...

Security update for rsync

This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow...

SUSE-SU-2026:2083-1 Security update for rsync

This update for rsync fixes the following issues - CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. - CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. - CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. - CVE-2026-43618: Integer...

CVE-2026-46039

rxgk: Fix potential integer overflow in length check...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from integer overflows in the length checks within the rxgkextracttoken function. This vulnerability...

CVE-2026-46062

ntfs3: fix integer overflow in rununpack volume boundary check...

PT-2026-44571

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An integer overflow in WTF allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Recommendations Update to version 148.0.7778.216 ...

CVE-2026-46023

dm mirror: fix integer overflow in createdirtylog...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from integer overflows in the parameter counting within the createdirtylog function. This could lead t...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by integer overflow in WTF. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a specially crafted HT...

PT-2026-44674

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An integer overflow in the XML component on Windows allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape. This is triggered...

PT-2026-44591

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An integer overflow in ANGLE allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version 148.0.7778.216 or later...

PT-2026-44706

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An integer overflow in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. An integer overflow...

PT-2026-43929

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the run unpack function within the ntfs3 driver. The volume boundary check lcn + len sbi-used.bitmap.nbits utilizes raw addition, which can wrap around when...