SUSE-SU-2026:0311-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the non-default BIOflinebuffer filter. An attacker who can cause writes of large, newline-free data to an application using this filter with a BIO chain that can short-write, may cause a crash. This data is unlike...

CVE-2025-68160

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

ALPINE-CVE-2025-68160

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

CVE-2025-68160

CVE-2025-68160 describes a heap-based out-of-bounds write in OpenSSL’s BIO_f_linebuffer filter when a BIO chain writes large, newline-free data with subsequent short writes. This can cause memory corruption and a Denial of Service. Affected products/versions include OpenSSL 3.6, 3.5, 3.4, 3.3, 3....

CVE-2025-68160 Heap out-of-bounds write in BIO_f_linebuffer on short writes

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

CVE-2025-68160

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

CVE-2025-68160

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

EUVD-2022-53410

Malicious code in bioql PyPI...

CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

PT-2026-4946

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 3.6 OpenSSL versions 1.1.1 OpenSSL versions 3.0 through 3.6 OpenSSL versions 3.3 through 3.6 OpenSSL versions 3.4 through 3.6 OpenSSL versions 3.5 through 3.6 Description A heap-based out-of-bounds write can occu...

Denial Of Service (DoS)

libjpeg.so is vulnerable to denial of service. The vulnerability exists due to a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

DEBIAN-CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

Null pointer dereference

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

UBUNTU-CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

CVE-2022-32202

In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp...

libjpeg 代码问题漏洞

libjpeg is a C language library for processing JPEG format image data. It includes JPEG decoding, JPEG encoding and other JPEG functions. A denial of service vulnerability exists in libjpeg version 1.63, which stems from a null pointer dereference in LineBuffer::FetchRegion in linebuffer.cpp. An...