162 matches found
CVE-2026-53074
In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...
USN-8348-1 gobgp vulnerabilities
It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. CVE-2026-37461 Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP...
openSUSE 16 Security Update : libsndfile (openSUSE-SU-2026:20787-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20787-1 advisory. This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: vrf: Use RCU protection in l3mdevl3out. l3mdevl3out can be called without RCU being held: rawsendmsg ippushpendingframes ipsendskb iplocalout iplocalout l3mdevipout Add rcureadlock / rcureadunlock pairs to avoid a potential...
SUSE CVE-2026-7734
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734
A flaw was found in osrg GoBGP. A remote attacker can exploit a vulnerability in the SRv6 L3 Service component by manipulating the data argument within the SRv6L3ServiceAttribute.DecodeFromBytes function. This manipulation leads to a denial of service DoS, making the affected system or service...
CVE-2026-7734
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
EUVD-2026-26914
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734
The CVE-2026-7734 affects osrg GoBGP up to 4.3.0, specifically the SRv6 L3 Service component’s DecodeFromBytes function in pkg/packet/bgp/prefix_sid.go. The issue allows remote manipulation of input data to trigger a denial of service. A fix is available in GoBGP v4.4.0, with the patch identified...
CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
OESA-2026-1606 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...
OESA-2026-1605 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...
OESA-2026-1604 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...
OESA-2026-1603 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...
kernel: vrf: use RCU protection in l3mdev_l3_out()
A use-after-free vulnerability was found in the Linux kernel. l3mdevl3out can be called without RCU being held, causing damage to the availability of the system...
TencentOS Server 4: libsndfile (TSSA-2026:0036)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0036 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
SUSE CVE-2025-56226
Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...
Linux Distros Unpatched Vulnerability : CVE-2025-56226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file. CVE-2025-56226 Note that Nessus relies ...