2289 matches found
OESA-2026-2805 jq security update
jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...
OESA-2026-2804 jq security update
jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...
OESA-2026-2803 jq security update
jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...
SUSE CVE-2026-13757
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
Linux Distros Unpatched Vulnerability : CVE-2026-13757
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a...
CVE-2026-13757
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
CVE-2026-13757
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
CVE-2026-13757 P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
CVE-2026-13757
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
EUVD-2026-40173
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
CVE-2026-13757 P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
CVE-2026-13757
CVE-2026-13757 affects p11-kit. The RPC attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() can form a mutually-recursive call chain with no recursion depth limit when handling nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TE...
PT-2026-53679
Name of the Vulnerable Software and Affected Versions p11-kit affected versions not specified Description A flaw exists in the RPC message attribute parsing process. The functions p11 rpc message get attribute and p11 rpc message get attribute array value create a mutually-recursive call chain th...
CVE-2026-47770
jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...
CVE-2026-52916
A flaw was found in the Linux kernel's batman-adv module. A remote attacker can exploit this vulnerability by sending specially crafted BATADVUNICASTFRAG packets, which are designed to contain other fragmented packets. This 'fragments in fragments' scenario causes the kernel to recursively proces...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: AppArmor: The recursive approach used for removing profiles has been replaced with an iterative one. The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system...
UBUNTU-CVE-2026-52916
In the Linux kernel, the following vulnerability has been resolved: batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once all fragments are collected and the packet is reassembled,...
EUVD-2026-38719
In the Linux kernel, the following vulnerability has been resolved: batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once all fragments are collected and the packet is reassembled,...
CVE-2026-52916
CVE-2026-52916 affects the Linux kernel’s BATMAN-adv frag handling. A crafted BATADV_UNICAST_FRAG packet can defragment into another BATADV_UNICAST_FRAG, causing unbounded recursion in batadv_batman_skb_recv() and leading to kernel stack exhaustion. The published description specifies that refrag...
Linux Distros Unpatched Vulnerability : CVE-2026-52916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once a...