CVE-2026-43868

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2026-43868

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

Linux Distros Unpatched Vulnerability : CVE-2026-43868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to...

PT-2026-36991

Name of the Vulnerable Software and Affected Versions Apache Thrift versions prior to 0.23.0 Description An issue exists involving memory allocation with an excessive size value. Recommendations Upgrade to version 0.23.0...

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by an excessive memory allocation size value...

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the remote read endpoint when processing snappy-compressed request bodies. An attacker can cause excessive memory allocation and crash the process by sending specially crafted payloads...

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the nbcolors field of the BMP file header during the loadbmp process. An attacker can cause an out-of-memory condition and crash the application by supplying a crafted BMP file with a large...

DEBIAN-CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

EUVD-2026-27077

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-42146

CVE-2026-42146 affects the CImg Library (C++) where the nb_colors field read from BMP headers is used to compute an allocation size without validating against the remaining file size, enabling an out-of-memory condition when loading crafted untrusted BMPs. A patch (commit c3aacf5) fixes the issue...

CVE-2026-42146

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

CImg 安全漏洞

CImg is a small open-source C++ toolkit for image processing, developed by GREYC. CImg has a security vulnerability that stems from the lack of validation of the nbcolors field in BMP file headers. This vulnerability may lead to excessive memory allocation and cause a system to crash due to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: Xilinx: Do not perform sleepable memory allocations from an atomic context. The following issue was discovered using lockdep: 6.691371 BUG: A sleeping function is called from an invalid context at...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fix for kernel crash during resume Currently, during resume, the QMI target memory is not handled properly. This results in a kernel crash if DMA remap is not supported: BUG: Incorrect page state in process...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clk: imx: clk-imx8mn: fixed a memory leak in imx8mnclocksprobe. Use devmofiomap instead of ofiomap to automatically handle the unused ioremap regions. If any errors occur, the memory allocated by kzalloc may leak; however, usi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed DMA mapping leaks During the reallocation of RX buffers, new DMA mappings are created for those buffers. Reproduction steps: While doing the following: Do For i=0; i=8160; i=i+32 Do ethtool -G enp130s0f0 rx $i tx $...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devmkasprintf devmkasprintf returns a pointer to dynamically allocated memory. The pointer might be NULL if the allocation fails. Check the validity of the pointer. Identified using...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: A check for s-flags was added in the alloctaggingslabfree hook function. When CONFIGMEMCG, CONFIGKFENCE, and CONFIGKMEMLEAK are enabled, the following warning always occurs. This is because the following call stack...