CVE-2026-43192

The provided sources describe CVE-2026-43192 as a Linux kernel issue in the device-mapper multipath (dm mpath) subsystem. A missing cleanup (dm_put_device) when failing to retrieve the SCSI handler name during path parsing (scsi_dh_attached_handler_name) could leak references to the path device. ...

PT-2026-37451

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipc control data for bytes controls is: 1 sizeofstruct sof ipc4 control data + // kernel only struct 2 sizeofstruct...

Linux Distros Unpatched Vulnerability : CVE-2025-71286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient allocation of memory for the propertyentry structure in the txgbe driver, without...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the dmaalloccoherent function in the vt8500lcdfb driver. The memory allocated by this function is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect allocation of byte control data in the ipc4-topology module of the SOF audio driver...

PT-2026-37562

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer size issue exists in the Verisilicon AV1 media component. The tile information, consisting of row sb, col sb, start pos, and end pos 4 bytes each, requires a total memory...

PT-2026-37542

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the fbdev component, specifically within the vt8500lcdfb driver, the fbi-fb.screen buffer is allocated using the dma alloc coherent function but is not properly released via dma free...

Linux Distros Unpatched Vulnerability : CVE-2026-42154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not...

Memory Allocation with Excessive Size Value

Overview OpenTelemetry.OpAmp.Client is an OpAMP Client for OpenTelemetry .NET Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the PlainHttpTransport response handling in the OpAMP HTTP transport. An attacker can force the client to allocate...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/image-v0.18.0 which is vulnerable to CVE-2026-33809

Summary IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/image-v0.18.0 which is vulnerable to CVE-2026-33809, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33809 DESCRIPTION: A maliciously craft...

EUVD-2026-27243

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

GHSA-2F9F-GQ7V-9H6M Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2026-43868

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

UBUNTU-CVE-2026-43868

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2026-43868

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2026-43868 Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2026-43868

CVE-2026-43868 affects Apache Thrift prior to 0.23.0, where a memory-allocation vulnerability is triggered by excessive size values in RPC messages, potentially enabling a denial of service. The issue is mitigated by upgrading to Thrift 0.23.0 or later. The provided sources confirm the affected v...

CVE-2026-43868

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...