CLSA-2026-1776848113 gimp: Fix of 2 CVEs

CVE-2026-2239: fix heap-buffer-overflow in freadpascalstring when processing PSD files and a follow-up NULL pointer dereference in loadresource1006 alpha names handling - CVE-2026-2272: fix integer overflow in ICO file loading...

CVE-2026-6844

CVE-2026-6844 affects the readelf utility in the binutils package. A crafted ELF file can trigger two DoS conditions: (1) resource exhaustion leading to out-of-memory and (2) a null pointer dereference causing a segmentation fault. Both can render readelf unresponsive or crash, resulting in denia...

CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

CVE-2026-6844 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

CVE-2026-6844 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

PowerDNS Recursor（pdns_recursor） 代码问题漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. There is a code vulnerability in PowerDNS Recursor, which stems from the ability for attackers to send responses that lead to null pointer dereferencing. Due to lack of consistency checks,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013659 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield to attempt copying a NULL pointer There are some struct drmdriver field...

Linux Distros Unpatched Vulnerability : CVE-2026-31437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013538)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013538 advisory. In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf-sg = NULL if the creation of sg table fails When userspace tries to map the...

PT-2026-34326

An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default...

PT-2026-34341

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist abort desc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...

PT-2026-34313

Name of the Vulnerable Software and Affected Versions binutils affected versions not specified Description A flaw in the readelf utility allows a local attacker to cause a denial of service by providing a specially crafted Executable and Linkable Format ELF file. This can occur through two...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013613 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in sndmts64interrupt I got a null-ptr-defer error report...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013486 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelimref arguments in btrfsprelimref btrfsprelimref calls the old an...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013572 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-dere...

Linux Distros Unpatched Vulnerability : CVE-2026-6844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a special...

PowerDNS Recursor（pdns_recursor） 代码问题漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. There is a code vulnerability in PowerDNS Recursor. This vulnerability arises from the use of the zoneToCache function, where attackers can send zones that result in null pointer...