945 matches found
SUSE-SU-2026:2696-1 Security update for 7zip
This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...
OPENSUSE-SU-2026:21038-1 Security update for 7zip
This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...
SUSE-SU-2026:22347-1 Security update for 7zip
This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...
Astra Linux – Vulnerability in Linux 5.15
A flaw in memory writing within the Linux kernel’s UDF file system functionality was discovered. This flaw allows a user to trigger certain file operations, which in turn triggers udfwritefi. A local user could exploit this flaw to crash the system or potentially cause other malicious actions...
SUSE CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the CFileId::Parse function of the UDF disc image handler's File Identifier Descriptor parser. An attacker can access sensitive information or cause a crash by crafting a malicious UDF image that triggers an...
CVE-2026-48102
A flaw was found in 7-Zip. A remote attacker could exploit a heap out-of-bounds read vulnerability in the UDF Universal Disk Format disc image handler by tricking a user into opening a specially crafted UDF image file. This could lead to limited information disclosure, where an attacker might gai...
ALPINE-CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...
CVE-2026-48102
7-Zip (versions 9.11–26.00) contains a heap out-of-bounds read in the UDF disc image handler (File Identifier Descriptor parser). In CFileId::Parse, after validating size and advancing to 38 + impLen + idLen, an alignment-padding loop reads up to 3 bytes past the end when (38 + impLen + idLen) % ...
7-Zip 缓冲区错误漏洞
7-Zip is an open-source compression software developed by 7-Zip. Versions 9.11 to 26.00 of 7-Zip contain a buffer error vulnerability. This vulnerability stems from the File Identifier Descriptor parser in the UDF disc image processor, where a heap out-of-bounds read occurs, potentially leading t...
7-Zip >= 9.11 < 26.01 UDF OOB Read (GHSL-2026-115_GHSL-2026-122)
The version of 7-Zip installed on the remote Windows host is = 9.11 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's UDF field handling, which can lead to a crash when processing a crafted UDF image. CVE-2026-48102 - A path...
SUSE CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...
EUVD-2026-32287
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...
UBUNTU-CVE-2026-45991
In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...