CVE-2026-47333

Summary (MODE C) : Ubuntu Linux 6.8, 6.17 and 7.0 include AppArmor SAUCE patches which may miscompute an internal buffer size, causing a heap memory out-of-bounds read in the AppArmor DFA policy engine’s notification handling code. The issue can be triggered by an unprivileged local user and can ...

EUVD-2026-32988

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data...

ROS-20260527-73-0002

A vulnerability in the NFSv4.0 component of the Linux operating system kernel is related to incorrect calculations of the allocated buffer size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2026-30265

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "stringbuilder::escapeandappend" when processing very large input strings on platforms with limited "sizet" width e.g., 32-bit builds. The overflow can cause insufficient buffer...

BIT-JAVA-2025-6052 Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

PT-2026-38053

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

CVE-2026-31553

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine component. Specifically, in the ARM64 architecture, an incorrect calculation of the descriptor address in the kvmatswapdesc function could lead to memory corruption. This vulnerability may allow an attacker to cause system...

EUVD-2026-25396

Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service...

CVE-2026-1949

Delta Electronics AS320T is affected by CVE-2026-1949 due to an incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service. The available reports identify the host device and the vulnerable component as the AS320T web service handling GET/PUT requests,...

CVE-2026-35370

The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes...

CVE-2026-35370

The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes...

UBUNTU-CVE-2026-35370

The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes...

CVE-2026-31432

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker to cause the system to write data beyond its intended memory boundaries when processing specific network requests. Specifically, when a complex request combines data reading with security informatio...

CVE-2026-40493

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

CVE-2026-31415

A flaw was found in the Linux kernel. A local attacker can exploit an integer overflow vulnerability in the ip6datagramsendctl function when processing multiple IPv6 Destination Options DSTOPTS control messages. This issue causes an incorrect calculation of header sizes, leading to a buffer...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...

Linux Distros Unpatched Vulnerability : CVE-2026-23377

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects...

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

PT-2026-27501

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

Unity Linux 20.1060a / 20.1070a Security Update: glib2 (UTSA-2026-005914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005914 advisory. A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape...