12026 matches found
CVE-2026-23244
In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...
CVE-2026-23244
CVE-2026-23244 affects the Linux kernel and stems from nvme_pr_read_keys() allocating memory based on a user-supplied num_keys value. The code uses num_keys to determine the rse allocation size up to an upper limit PR_KEYS_MAX (64K). A malicious or buggy userspace input can cause a kzalloc-based ...
CVE-2026-23244
In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...
CVE-2026-23244 nvme: fix memory allocation in nvme_pr_read_keys()
In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...
CVE-2025-71267
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2025-71267
CVE-2025-71267 : In the Linux kernel ntfs3 file system, a flaw in ATTR_LIST handling can cause an infinite loop and DoS during mount. Specifically, when ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, memory is still allocated due to al_aligned(0), leaving ni->...
CVE-2025-71267 fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2026-32836
An uncontrolled memory allocation vulnerability has been discovered in the drlibs library. The drflacreadanddecodemetadata function allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and...
Linux Distros Unpatched Vulnerability : CVE-2026-23244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. T...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility that the xchkxfiledescr macro call for kasprintf may fail, potentially leading to memor...
PT-2026-26202
Name of the Vulnerable Software and Affected Versions DeepDiff versions 5.0.0 through 8.6.1 Description DeepDiff is a Python project for deep difference and search of data. The pickle unpickler RestrictedUnpickler validates which classes can be loaded but does not limit their constructor argument...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the numkeys value provided by the user in the nvmeprreadkeys function. This...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the drflacreadanddecodemetadata function. An attacker can cause excessive memory allocation by supplying crafted FLAC streams with maliciously controlled mimeLength and descriptionLength...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the drflacreadanddecodemetadata function. An attacker can cause excessive memory allocation by supplying crafted FLAC streams with maliciously controlled mimeLength and descriptionLength...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the drflacreadanddecodemetadata function. An attacker can cause excessive memory allocation by supplying crafted FLAC streams with maliciously controlled mimeLength and descriptionLength...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the drflacreadanddecodemetadata function. An attacker can cause excessive memory allocation by supplying crafted FLAC streams with maliciously controlled mimeLength and descriptionLength...
DEBIAN-CVE-2026-32836
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
CVE-2026-32836
CVE-2026-32836 affects dr_libs up to version 0.13.3, where drflac__read_and_decode_metadata() can trigger uncontrolled memory allocation via crafted PICTURE metadata blocks. Attackers can set attacker-controlled mimeLength and descriptionLength to cause memory exhaustion and denial of service whi...
EulerOS Virtualization 2.10.0 : libarchive (EulerOS-SA-2026-1558)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...