CLSA-2026-1779462193 Fix CVE(s): CVE-2026-33515

SECURITY UPDATE: out-of-bounds read when handling malformed ICP traffic - debian/patches/CVE-2026-33515.patch: validate ICP packet sizes and URLs in icpGetUrl; reject non-NUL-terminated URLs, URLs with embedded NULs or trailing garbage; guard icpHandleUdp against a nil icpOutgoingConn pointer -...

CLSA-2026-1770667352 openssl: Fix of 3 CVEs

CVE-2025-69418: fix OCB AES-NI/HW stream path leaving trailing bytes unauthenticated/unencrypted by advancing pointers after stream processing - CVE-2025-69420: fix missing ASN1TYPE validation in TSRESPverifyresponse for signing certificate attributes - CVE-2025-15468: add a NULL guard before...

Linux Distros Unpatched Vulnerability : CVE-2026-22987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an...

EUVD-2013-4634

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-37855

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Guard Possible Null Pointer Dereference WHY In some situations, dc-respool may be null. HOW Check if pointer is null before dereference...

SUSE CVE-2021-47003

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix potential null dereference on pointer status There are calls to idxdcmdexec that pass a null status pointer however a recent commit has added an assignment to status that can end up with a null pointer...

SUSE CVE-2013-4788

The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...

SUSE CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

NewStart CGSL MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2019-0012)

The remote NewStart CGSL host, running version MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the...

glibc: LD_POINTER_GUARD in the environment is not sanitized

It was found that the dynamic loader did not sanitize the LDPOINTERGUARD environment variable. An attacker could use this flaw to bypass the pointer guarding protection on set-user-ID or set-group-ID programs to execute arbitrary code with the permissions of the user running the application...

GNU C Library Security Mechanism Bypass Vulnerability

glibc is the libc library, or c runtime library, released by GNU. A security vulnerability exists in the function processenvvars within elf/rtld.c of the GNU C Library, where a local attacker can bypass the pointer guard protection mechanism by using a zero value within the LDPOINTERGUARD...

DEBIAN-CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

UBUNTU-CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

GNU glibc 'LD_POINTER_GUARD' Elevation of Privilege Vulnerability

GNU glibc is an open source, free C compiler released under the LGPL license. A security vulnerability exists in GNU glibc 'LDPOINTERGUARD' which allows local attackers to exploit the vulnerability to elevate privileges...

SuSE 11.3 Security Update : glibc (SAT Patch Number 8337)

This update for glibc contains the following fixes : - Fix integer overflows in malloc. CVE-2013-4332, bnc839870 - Fix buffer overflow in glob. bnc691365 - Fix buffer overflow in strcoll. CVE-2012-4412, bnc779320 - Update mount flags in . bnc791928 - Fix buffer overrun in regexp matcher...

CVE-2013-4788

The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...

DEBIAN-CVE-2013-4788

The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...

Buffer overflow

The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...

CVE-2013-4788

The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...

UBUNTU-CVE-2013-4788

The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...