EUVD-2026-33443

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets...

EUVD-2026-33425

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

OESA-2026-2467 libsolv security update

A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative siz...

SUSE CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

UBUNTU-CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

CVE-2026-9149

The CVE-2026-9149 entry describes a heap buffer overflow in libsolv, triggered when processing a crafted .solv file that contains negative size values fed to the repo_add_solv function. This results in an undersized allocation followed by an out-of-bounds write, enabling a potential denial of ser...

CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

PT-2026-42274

Name of the Vulnerable Software and Affected Versions libsolv affected versions not specified Description A heap buffer overflow occurs when processing a specially crafted .solv file containing negative size values in the repo add solv function. This results in an undersized memory allocation and...

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Heap-based Buffer Overflows because it mishandles the "-F’.‘” syntax on the command line. This may allow privilege escalation from any user to root. This issue occurs due to the incorrect interpretation of negative sizes in the strncpy function...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: negative file sizes are now rejected in squashfsread inode. Syskaller reports a “WARNING in ovlcopyupfile” in overlayfs. This warning occurs because the underlying Squashfs file system returns a file with a negative...

AZL-70073 CVE-2025-40200 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...

CVE-2021-47511 ALSA: pcm: oss: Fix negative period/buffer sizes

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with sizet. Due to that, a to...

SUSE CVE-2020-28013

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.'" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy...

SUSE CVE-2021-41222

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever sizesplits contains more than one value and at least one value is negative. The fix will be include...

GSD-2021-1002406 ALSA: pcm: oss: Fix negative period/buffer sizes

ALSA: pcm: oss: Fix negative period/buffer sizes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.258 by commit...

Exim buffer overflow vulnerability (CNVD-2021-34532)

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. A heap buffer overflow vulnerability exists in Exim in parsefixphrase, which stems from interpreting negative sizes in strncpy, and can be exploited by an attacker to elevate...