CVE-2026-7736

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

CVE-2026-7737

CVE-2026-7737 affects osrg GoBGP up to 4.3.0. The vulnerability lies in the BMP parser, specifically BMPPeerUpNotification.ParseBody and BMPStatisticsReport.ParseBody in pkg/packet/bmp/bmp.go, where input manipulation leads to an out-of-bounds read. The issue is exploitable remotely. A fix is pub...

EUVD-2026-26917

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

CVE-2026-7736 osrg GoBGP mrt.go parseRibEntry integer underflow

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

CVE-2026-7736

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

CVE-2026-7736 osrg GoBGP mrt.go parseRibEntry integer underflow

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

EUVD-2026-26916

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

CVE-2025-70071

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

PT-2026-36827

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

CVE-2026-37461

CVE-2026-37461 describes an out-of-bounds read in gobgp v4.3.0, in the ParseIP6Extended function (/bgp/bgp.go). The vulnerability can be exploited by a crafted BGP UPDATE message, leading to a Denial of Service. The provided documents identify the affected component and the root cause, but do not...

Astra Linux - уязвимость в linux

In the Linux kernel up to version 5.8.7, local attackers who were able to inject conntrack netlink configurations could exploit an overflow in a local buffer, resulting in crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink....

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cxl/acpi: Fixed a use-after-free in cxlparsecfmws KASAN and KFENCE detected a use-after-free in the CXL driver. This occurs in the cxldecoderadd function’s failure path. KASAN prints the following error: BUG: KASAN:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: The error check in parsebtffield has been fixed. btffindstructmember may return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. This issue is fixed b...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix for ofk3udmaglueParsechnbyid The ofk3udmaglueParsechnbyid helper function erroneously invokes “ofnodeput” on the “udmaxnp” device node that was passed to it. Additionally, its reference count was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: Fix for oops due to invalid pointer for kfree in parselongname This fix addresses a kernel oops that occurs when reading ceph snapshot directories .snap. For example, simply running ls /mnt/myceph/.snap can cause the issue...

Astra Linux - уязвимость в parsec

The vulnerability of the parsecmdlin function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

Astra Linux - уязвимость в audit

The vulnerability of the ausearch-parse.c component, a storage and search tool for audit records in Linux Audit, relates to reading data from the buffer beyond its allowable limits. Exploiting this vulnerability allows an attacker to cause service failures...

Astra Linux - уязвимость в libsoup2.4

A flaw was discovered in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeros...