SUSE CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-23301

A flaw was found in the Linux kernel's ASoC Advanced Linux Sound Architecture System on Chip SDCA SoundWire Digital Control Adapter component. The findsdcaentityiot function fails to check for successful memory allocation when assigning an entity name. This vulnerability could allow a local...

EUVD-2026-15960

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

GHSA-44P7-9XX4-HF2G Go Images vulnerable to an out-of-memory error via a crafted TIFF file

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

DEBIAN-CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-23385

A flaw was found in the Linux kernel's netfilter nftables component. A local or privileged user could trigger a failing memory allocation during a set flush operation. This vulnerability, related to how nftables handles set cloning, can lead to a kernel warning WARN splat, potentially causing...

SUSE CVE-2026-23366

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which dereferences it. This may result in a NULL pointer dereference in the...

USN-8123-1 mbedtls vulnerabilities

It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this issue to crash the program. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-44732 Jonathan Winzig discovered that Mbed TLS incorrectly handled crafted...

CVE-2026-23309

A flaw was found in the Linux kernel. When the 'triggerdataalloc' function fails to allocate memory and returns a null pointer, the subsequent 'triggerdatafree' function attempts to access this null pointer. This null pointer dereference can lead to a system crash, resulting in a Denial of Servic...

CVE-2026-23366

A flaw was found in the Linux kernel's Direct Rendering Manager DRM client component. This vulnerability occurs when the system attempts to destroy an uninitialized memory pointer, specifically the 'modes' variable within the drmclientmodesetprobe function, after a memory allocation failure. This...

EUVD-2026-15348

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which dereferences it. This may result in a NULL pointer dereference in the...

UBUNTU-CVE-2026-23366

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which dereferences it. This may result in a NULL pointer dereference in the...

CVE-2026-23385

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

CVE-2026-23385 netfilter: nf_tables: clone set on flush only

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

CVE-2026-23366 drm/client: Do not destroy NULL modes

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which dereferences it. This may result in a NULL pointer dereference in the...

CVE-2026-23301

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...

PT-2026-28086

Name of the Vulnerable Software and Affected Versions LibTIFF affected versions not specified Description A specially designed TIFF file can trigger an out-of-memory error or excessive resource usage during image decoding. The issue arises from the image decoding process attempting to allocate up...