Unity Linux 20.1060e / 20.1070e Security Update: hiredis (UTSA-2026-016624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016624 advisory. Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or...

freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The StreamEnsureCapacity function can create an endless blocking loop, leading to a Denial of Service DoS. This vulnerability can be exploited on 32-bit systems where the available physical memory is greater than o...

Linux Distros Unpatched Vulnerability : CVE-2026-43302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size...

CVE-2026-30909

Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer. Encountering this...

EUVD-2026-10199

Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer. Encountering this...

CVE-2026-30910

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer...

CVE-2026-27951

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Revert "riscv: Define TASKSIZEMAX for accessok" This reverts commit ad5643cf2f69 "riscv: Define TASKSIZEMAX for accessok". This commit changes TASKSIZEMAX to be LONGMAX to optimize accessok, because the previous TASKSIZEMAX defau...

Linux Distros Unpatched Vulnerability : CVE-2024-57255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting ...

DEBIAN-CVE-2023-33863

SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. 0xffffffff is sign-extended to 0xffffffffffffffff SIZEMAX and then there is an attempt to add 1...

SUSE CVE-2017-17426

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow

A flaw was found in grub2 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32MAX causes an arithmetic overflow, leading to a zero-sized memory allocation with a subsequent heap-based buffer overflow. The highest threat from this...

DEBIAN-CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

UBUNTU-CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

DEBIAN-CVE-2018-6551

The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that is smaller than requested, eventually...