CVE-2026-52914

A flaw was found in the Linux kernel's batman-adv component. This vulnerability allows a local attacker to cause a denial of service DoS by sending malformed fragment chains. The flaw is due to incorrect accounting of fragment reassembly length, which can be truncated during updates, bypassing...

EUVD-2026-38717

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated...

CVE-2026-52914

CVE-2026-52914 concerns the Linux kernel’s batman-adv fragment reassembly path. The vulnerability arises from how a running payload length for queued fragments is accumulated and used to validate a fragment chain; the length accounting could be truncated during updates, allowing malformed fragmen...

CVE-2026-52914

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the fraglist used for reassembly is not shared with other packets. This prevents incorrect reassembly when packets are cloned, and avoids a memory leak caused by circular...

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2026:2366-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2366-1 advisory. This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. -...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2026:2367-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2367-1 advisory. This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. -...

CVE-2026-46340

Netty SCTP reassembly vulnerability (CVE-2026-46340) affects netty-transport-sctp before 4.1.135.Final and 4.2.15.Final. For each non-complete SctpMessage fragment, fragments are accumulated by wrapping the previous accumulator with the new slice into a new CompositeByteBuf, creating an unbounded...

CVE-2026-46340 Netty: SCTP reassembly nests buffers without bound

Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping t...

SUSE-SU-2026:2367-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. - CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. - CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708...

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...

SUSE-SU-2026:2366-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. - CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. - CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708...

CVE-2026-5068

A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables segmentation via chanops.allocbuf and the chosen RX pool has a userdatasize smaller than 2 bytes, the segmentation counter stored in t...

EUVD-2026-35353

A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables segmentation via chanops.allocbuf and the chosen RX pool has a userdatasize smaller than 2 bytes, the segmentation counter stored in t...

GHSA-5XRH-QMMQ-W6CH Netty: SCTP reassembly nests buffers without bound

For each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping the previous accumulator and the new slice into a new CompositeByteBuf every time. After N fragments the accumulator is an N-deep chain of composites, each holding...

Netty: SCTP reassembly nests buffers without bound

For each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping the previous accumulator and the new slice into a new CompositeByteBuf every time. After N fragments the accumulator is an N-deep chain of composites, each holding...

TencentOS Server 4: gnutls (TSSA-2026:0305)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0305 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2026-6022

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

RLSA-2026:20613 Important: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram...