CVE-2026-44060 Integer underflow in dsi_writeinit() leads to denial of service

An integer underflow in dsiwriteinit in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request...

CVE-2026-44060

Netatalk 1.5.0–4.4.2 contains an integer underflow in dsi_writeinit() that allows a remote attacker to cause a denial of service via a crafted DSI write request. The issue is fixed in Netatalk 4.4.3. Affected: Netatalk AFP implementation; vulnerable component: dsi_writeinit() function; impact: Do...

Netatalk 数字错误漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 1.5.0 to 4.4.2 of Netatalk contain a digital error vulnerability. This vulnerability stems from an integer underflow in th...

PT-2026-42416

Name of the Vulnerable Software and Affected Versions Netatalk versions 1.5.0 through 4.4.2 Description An integer underflow in the dsi writeinit function allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request. Recommendations Update to version 4.4.3...

lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()

...

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation when parsing a UDP packet, due to an underflow of the netprocessreceivedpacket integer value during the ncinputpacket call...

Astra Linux - уязвимость в vlc

Videolan VLC prior to version 3.0.20 contains an integer underflow issue that can lead to incorrect packet lengths being displayed...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue only affects clients. An integer underflow can lead to a Denial of Service DOS vulnerability, for example, an abort due to WINPRASSERT with default compilation flags. When an...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: tpm: efi: Use a local variable to calculate the final log size When tpmreadlogefi is called multiple times, which occurs when one loads and unloads a TPM2 driver multiple times, the global variable efitpmfinallogsize will...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that use FreeRDP versions prior to 3.5.0 or 2.11.6 and have connections to servers using the NSC codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 address this issue. As a workaround, do not use the NSC...

Astra Linux - уязвимость в openldap

An integer underflow was discovered in OpenLDAP before version 2.4.57, which led to slapd crashes during the Certificate Exact Assertion processing, resulting in a denial of service schemainit.c serialNumberAndIssuerCheck...

Astra Linux - уязвимость в chromium

Integer underflow in WebUI of Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. Chromium security severity: High...

Astra Linux - уязвимость в openvswitch

An integer underflow occurred in the Organization Specific TLV in various versions of OpenvSwitch...

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

SUSE CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021648 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be...

krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samplesperchunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...