[SECURITY] [DSA 6227-1] strongswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6227-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez April 22, 2026 https://www.debian.org/security/faq -...

CVE-2026-35328

Infinite Loop When Handling Supported Versions TLS Extension...

UBUNTU-CVE-2026-35328

Infinite Loop When Handling Supported Versions TLS Extension...

CVE-2026-41666

Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...

CVE-2026-41666

Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...

CVE-2026-41666

CVE-2026-41666 affects Samsung Open Source ONE with an integer overflow in tensor copy size calculation, potentially causing out-of-bounds access during loop state propagation. The issue is scoped to versions prior to commit 1.30.0. The provided metrics describe a local, low-privilege, user-inter...

CVE-2026-41666

Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...

CVE-2026-41146

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

CVE-2026-41146 facil.io and downstream iodine ruby gem vulnerable to uncontrolled resource consumption and loop with unreachable exit condition

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

EUVD-2026-24583

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

CVE-2026-41146

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

CVE-2026-41146

facil.io (C micro-framework) contains a vulnerability in fio_json_parse that can enter an infinite loop when parsing a nested JSON value starting with i or I, causing a CPU core to be pegged at ~100% and not returning a parse error. The issue also affects downstream iodine Ruby gem that vendors t...

CVE-2026-41146 facil.io and downstream iodine ruby gem vulnerable to uncontrolled resource consumption and loop with unreachable exit condition

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

PT-2026-34238

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fio json parse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning...

PT-2026-34353

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system during the mkdir and mknod paths. When mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails, the ext4 e...

PT-2026-34556

Name of the Vulnerable Software and Affected Versions StrongSwan affected versions not specified Description An issue exists that can lead to an infinite loop, resulting in a system crash. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the internal IPv4 header length in the IPTFS payload. This vulnerability ma...

PT-2026-34377

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet tot len and ihl fields parsed from decrypted IPTFS payloads in input process payload. A crafted ESP packet containing an inne...

facil.io 资源管理错误漏洞

facil.io is a C-language high-performance web application microframework developed by Bo’s individual developer. Facil.io has a resource management vulnerability; this vulnerability arises when fiojsonparse enters an infinite loop upon encountering nested JSON values that start with “i” or “I”,...

openSUSE 16 Security Update : clamav (openSUSE-SU-2026:20479-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20479-1 advisory. Update to clamav 1.5.2: Security issue: - CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial...