
57 matches found

Tenable Nessus
added 2026/06/12 12:0 a.m. | 8 views

RockyLinux 9 : samba (RLSA-2026:25049)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25049 advisory. samba: Missing access check on reparse point operations (CVE-2026-1933); samba: vfs_worm does not block directory modification (CVE-2026-2340); samba: group...

9.8 CVSS | 6 AI score | 0.12797 EPSS
Exploits 8 | References 13
OSV
added 2026/06/11 12:5 p.m. | 6 views

RLSA-2026:22963 Critical: samba security update

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

9 CVSS | 6 AI score | 0.12797 EPSS
Exploits 8 | References 7
Tenable Nessus
added 2026/06/11 12:0 a.m. | 32 views

AlmaLinux 9 : samba (ALSA-2026:25049)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25049 advisory. samba: Missing access check on reparse point operations (CVE-2026-1933); samba: vfs_worm does not block directory modification (CVE-2026-2340); samba: group...

9.8 CVSS | 6.1 AI score | 0.12797 EPSS
Exploits 8 | References 8
Tenable Nessus
added 2026/06/11 12:0 a.m. | 7 views

RockyLinux 10 : samba (RLSA-2026:22963)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22963 advisory. samba: Missing access check on reparse point operations (CVE-2026-1933); samba: vfs_worm does not block directory modification (CVE-2026-2340); samba: group...

9.8 CVSS | 6.1 AI score | 0.12797 EPSS
Exploits 8 | References 13
Tenable Nessus
added 2026/06/04 12:0 a.m. | 8 views

AlmaLinux 10 : samba (ALSA-2026:22963)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22963 advisory. samba: Missing access check on reparse point operations (CVE-2026-1933); samba: vfs_worm does not block directory modification (CVE-2026-2340); samba: group...

9.8 CVSS | 6.1 AI score | 0.12797 EPSS
Exploits 8 | References 8
RedHat Linux
added 2026/06/03 9:52 p.m. | 8 views

ngtcp2: ngtcp2: Denial of service via stack buffer overflow during QUIC handshake

A flaw was found in ngtcp2, a C implementation of the IETF QUIC (Quick UDP Internet Connections) protocol. A remote attacker can exploit a stack buffer overflow vulnerability by sending specially crafted, large transport parameters during the QUIC handshake. This occurs when the qlog callback is...

7.5 CVSS | 5.9 AI score | 0.00579 EPSS
Exploits 1 | References 6
RedHat Linux
added 2026/06/03 9:52 p.m. | 10 views

Critical: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8 CVSS | 6.1 AI score | 0.12797 EPSS
Exploits 8 | References 7
Tenable Nessus
added 2026/05/26 12:0 a.m. | 9 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : ngtcp2 vulnerability (USN-8300-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8300-1 advisory. Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking...

7.5 CVSS | 6 AI score | 0.00579 EPSS
Exploits 1 | References 2
OSV
added 2026/05/25 10:58 a.m. | 6 views

USN-8300-1 ngtcp2 vulnerability

Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog was enabled, a remote attacker could possibly use this issue to execute arbitrary code...

7.5 CVSS | 5.9 AI score | 0.00579 EPSS
Exploits 1 | References 2
Ubuntu
added 2026/05/25 10:58 a.m. | 13 views

USN-8300-1: ngtcp2 vulnerability

Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog was enabled, a remote attacker could possibly use this issue to execute arbitrary code...

7.5 CVSS | 5.9 AI score | 0.00579 EPSS
Exploits 1
OSV
added 2026/05/04 1:12 p.m. | 5 views

JLSEC-2026-426 When using `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` with the curl tool...

When using CURLOPT_PINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool, curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

5.9 CVSS | 5.8 AI score | 0.00227 EPSS
Exploits 0 | References 4
Amazon
added 2026/04/30 12:0 a.m. | 6 views

Important: ngtcp2

Issue Overview: ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently...

7.5 CVSS | 5.8 AI score | 0.00579 EPSS
Exploits 1
Fedora
added 2026/04/28 1:35 a.m. | 4 views

[SECURITY] Fedora 44 Update: ngtcp2-1.22.1-1.fc44

"Call it TCP/2. One More Time." ngtcp2 project is an effort to implement RFC9000 QUIC protocol...

7.5 CVSS | 5.2 AI score | 0.00579 EPSS
Exploits 1
Fedora
added 2026/04/28 1:0 a.m. | 6 views

[SECURITY] Fedora 43 Update: ngtcp2-1.22.1-1.fc43

"Call it TCP/2. One More Time." ngtcp2 project is an effort to implement RFC9000 QUIC protocol...

7.5 CVSS | 5.2 AI score | 0.00579 EPSS
Exploits 1
Tenable Nessus
added 2026/04/28 12:0 a.m. | 3 views

Fedora 43 : ngtcp2 (2026-a0f25484e9)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a0f25484e9 advisory. Update to 1.22.1 rhbz2452790 - Fixes CVE-2026-40170. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

7.5 CVSS | 5.4 AI score | 0.00579 EPSS
Exploits 1 | References 2
Tenable Nessus
added 2026/04/28 12:0 a.m. | 2 views

Fedora 44 : ngtcp2 (2026-705eb9cf95)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-705eb9cf95 advisory. Update to 1.22.1 rhbz2452790 - Fixes CVE-2026-40170. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

7.5 CVSS | 5.4 AI score | 0.00579 EPSS
Exploits 1 | References 2
Debian
added 2026/04/21 6:29 p.m. | 4 views

[SECURITY] [DSA 6222-1] ngtcp2 security update

Debian Security Advisory DSA-6222-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 21, 2026 https://www.debian.org/security/faq -...

7.5 CVSS | 6 AI score | 0.00579 EPSS
Exploits 1
Tenable Nessus
added 2026/04/21 12:0 a.m. | 3 views

Debian dsa-6222 : libngtcp2-16 - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6222 advisory. Debian Security Advisory DSA-6222-1 [email protected] https://www.debian.org/security/...

7.5 CVSS | 6 AI score | 0.00579 EPSS
Exploits 1 | References 5
RedHat Linux
added 2026/04/20 7:45 p.m. | 8 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ngtcp2: ngtcp2-1.22.1-1.hum1 aarch64, x86_64 ngtcp2-crypto-gnutls-1.22.1-1.hum1 aarch64, x86_64 ngtcp2-crypto-gnutls-devel-1.22.1-1.hum1 aarch64, x86_64 ngtcp2-crypto-ossl-1.22.1-1.hum1 aarch64, x86...

7.5 CVSS | 5.8 AI score | 0.00579 EPSS
Exploits 1 | References 3
SUSE CVE
added 2026/04/17 11:25 p.m. | 2 views

SUSE CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

7.5 CVSS | 6 AI score | 0.00579 EPSS
Exploits 1 | References 3