6963 matches found
Denial Of Service (DoS)
qs is vulnerable to Denial of Service DoS. The vulnerability is due to parseArrayValue returning val.split',' before enforcing arrayLimit, allowing attackers to supply a comma-heavy parameter that creates arbitrarily large arrays in memory without triggering throwOnLimitExceeded, leading to...
SUSE CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
CVE-2026-2517
A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...
CVE-2026-2517
Open5GS vulnerable up to version 2.7.6 due to a flaw in the SMF component. The issue is in ogs_gtp2_parse_tft (library lib/gtp/v2/types.c) where manipulating pf[0].content.length can cause a denial of service. Exploitation can be performed remotely, and public proof-of-concept code exists. The vu...
openSUSE 16 Security Update : htmldoc (openSUSE-SU-2026:20219-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20219-1 advisory. Changes in htmldoc: - CVE-2024-46478: Fixed buffer overflow when handling tabs through the parsepre function bsc1232380. - version update to...
PT-2026-8238
A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogs gtp2 parse tft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be...
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
UBUNTU-CVE-2025-71204
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...
UBUNTU-CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
UBUNTU-CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201
CVE-2026-23201: Linux kernel fix for ceph oops due to invalid pointer in kfree() within parse_longname(). Root cause was advancing the pointer to skip the initial '_' in ceph snapshot names, causing kfree() to receive an invalid pointer when listing .snap directories. The patch eliminates the poi...
EUVD-2026-5848
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
PT-2026-8207
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAP QUERY to fetch optional build ID only after dropping mmap lock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbo...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the reference count is not released in the parsedurablehandlecontext function,...
SUSE-SU-2026:20352-1 Security update for protobuf
This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173...