25 matches found
EUVD-2026-30708
Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...
CLSA-2026-1776965343 Fix CVE(s): CVE-2022-29404
SECURITY UPDATE: DoS via unbounded request body in modlua - debian/patches/CVE-2022-29404-part1.patch: set APDEFAULTLIMITREQBODY to 1GB in server/core.c, enforce LimitRequestBody in apsetupclientblock in modules/http/httpfilters.c, remove redundant proxy check in modules/proxy/modproxyhttp.c. -...
CVE-2026-6386
In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...
CVE-2026-6386 Missing large page handling in pmap_pkru_update_range()
In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...
PT-2026-34242
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the kernel's handling of protection keys for address ranges. The subroutine responsible for updating page table entries fails to account for 1GB largepage mappings creat...
FreeBSD : FreeBSD -- Missing large page handling in pmap_pkru_update_range() (128951d0-3df0-11f1-bb07-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 128951d0-3df0-11f1-bb07-bc241121aa0a advisory. In order to apply a particular protection key to an address range, the kernel must update the...
Oracle Linux 8 : osbuild-composer (ELSA-2026-8456)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8456 advisory. 101.4-5.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types...
osbuild-composer security update
101.4-4.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002910)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002910 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003456)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003456 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum...
pypdf's LZWDecode streams be manipulated to exhaust RAM
Impact An attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This is a follow up to GHSA-jfx9-29x2-rv3j to align the default limit with the one for zlib. Patche...
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...
SUSE CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...
CLSA-2022-1668705928 httpd: Fix of 2 CVEs
CVE-2022-28614: handle large writes in aprputs - CVE-2022-29404: use a liberal default limit for LimitRequestBody of 1GB...
CVE-2021-28708
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
ALPINE-CVE-2020-27672
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages...
ALPINE-CVE-2016-8617
The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...