ext4: avoid infinite loops caused by residual data

...

CVE-2026-31448

A flaw was found in the Linux kernel's ext4 filesystem. When creating a directory or node, if an extent insertion fails, the system may not properly clear residual data. This can lead to a situation where both directory and extended attribute xattr blocks simultaneously use the same memory buffer...

CVE-2026-31448

CVE-2026-31448 concerns the Linux kernel ext4 filesystem. The issue arises on mkdir/mknod when an extent insertion fails and ext4_ext_map_blocks() reclaims blocks without removing corresponding data from the extent tree, allowing the same physical block to be referenced by both directory and xatt...

CVE-2026-3774

Foxit PDF Editor/Reader (pre-2026.1) is affected by CVE-2026-3774 due to PDF JavaScript and document/print actions (WillPrint/DidPrint) updating form fields, annotations, or OCGs around redaction, encryption, or printing. The script-driven updates are not fully covered by the existing redaction/e...

SUSE SLES15 / openSUSE 15 Security Update : freerdp (SUSE-SU-2026:0761-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0761-1 advisory. - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in...

SUSE SLES12 Security Update : freerdp (SUSE-SU-2026:0762-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0762-1 advisory. - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in irpthreadfunc...

SUSE-SU-2026:0761-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. - CVE-2026-23533: improper validation can lead to heap buffer overflow in...

SUSE-SU-2026:0683-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. - CVE-2026-23533: improper validation can lead to heap buffer overflow in...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

CVE-2026-23533

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

CVE-2026-23533 FreeRDP has heap-buffer-overflow in clear_decompress_residual_data

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color output. A malicious server can trigger a...

CVE-2026-23533

CVE-2026-23533 – FreeRDP : Affects FreeRDP prior to version 3.21.0, where the RDPGFX ClearCodec decode path can fail due to crafted residual data causing out-of-bounds writes. This leads to a client crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior...

EUVD-2022-25741

Malicious code in bioql PyPI...

CVE-2025-8860

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFIVARSREGBUFFERSIZE, the .write callback uefivarswrite is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. Wh...

CVE-2022-20481

In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

CVE-2022-20481

In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

Information disclosure

In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

CVE-2022-20481

In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

ASB-A-241927115

In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...