BIT-PYTHON-MIN-2026-4224 Stack overflow parsing XML with deeply nested DTD content models

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

BIT-LIBPYTHON-2026-4224 Stack overflow parsing XML with deeply nested DTD content models

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

SUSE-SU-2026:2023-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

SUSE-SU-2026:2022-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

Security update for ImageMagick

This update for ImageMagick fixes the following issues CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SU...

Security update for ImageMagick

This update for ImageMagick fixes the following issues CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SU...

SUSE-SU-2026:2020-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

Astra Linux - уязвимость в libjettison-java

It was discovered that Jettison before version 1.5.2 contained a stack overflow vulnerability through the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS attack by using a specially crafted string...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fixed stack handling in idlekvmstartguest In commit 10d91611f426 “powerpc/64s: Reimplemented the book3s idle code in C”, kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch addressed a issue related to KASAN in stv0367; now a similar problem has emerged with clang: drivers/media/dvb-frontends/stv0367.c:1222:12: Error:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fixed a possible incorrect match in nfosffind. nfosffind incorrectly returns true in case of a mismatch, which leads to copying uninitialized memory areas in nftosf. This can result in leaking stale kerne...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, the patch 2039f26f3aca “bpf: Fixed leakage due to insufficient speculative store bypass mitigation” inserts lfence instructio...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: virtio/akcipher – Fixed a stack overflow issue in memcpy. The value of sizeofstruct virtiocryptoakciphersessionpara is less than sizeofstruct virtiocryptoopctrlreq::u. Copying more bytes from the stack variable leads t...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures in case of failure. Wipe all sensitive data from the stack for all IOCTLs that convert a clear-key into a protected-or-secure-key...

Astra Linux - уязвимость в memcached

In memcached 1.5.16, when UNIX sockets are used, there is a stack-based buffer over-read issue in the conntostr function in memcached.c...

Astra Linux - уязвимость в faad2

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impacts, as the SM array is mishandled...

Astra Linux - уязвимость в libxstream-java

XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service by manipulating the input stream. The attack exploits the hash code implementation used for...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

Astra Linux - уязвимость в musl

The musl libc version up to 1.1.23 has an x87 floating-point stack adjustment imbalance, which is related to the math/i386/ directory. In some cases, using this library may lead to out-of-bounds writes, which are not present in an application’s source code...

Astra Linux - уязвимость в gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...