Astra Linux - уязвимость в qemu

A flaw was discovered in the USB redirector device usb-redir of QEMU. Small USB packets are combined into a single, large transfer request, in order to reduce overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array VLA on th...

CVE-2026-32708

CVE-2026-32708 affects the PX4 Autopilot’s Zenoh uORB subscriber. Before 1.17.0-rc2, it allocates a stack VLQuestion from the incoming payload length without bounds, enabling a remote Zenoh publisher to send an oversized, fragmented message that triggers an unbounded stack allocation and a stack ...

PT-2026-25393

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy,...

CVE-2026-22188 Panda3D <= 1.10.16 Deploy-Stub Stack Exhaustion via Unbounded alloca()

The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation...

CVE-2026-22188

Panda3D up to version 1.10.16 is affected by a DoS due to unbounded stack allocation in the deploy-stub. The deploy-stub allocates argv_copy and argv_copy2 with alloca() based on attacker-controlled argc without validation, which can exhaust stack space and crash the process during Python interpr...

SUSE: Security Advisory (SUSE-SU-2021:3635-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3635-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - Fix heap use-after-free in virtionetreceivercu bsc1189938, CVE-2021-3748 - Fix out-of-bounds write in UAS USB Attached SCSI device emulation bsc1189702, CVE-2021-3713 - usbredir: free call on invalid pointer in bufpalloc...

SUSE: Security Advisory (SUSE-SU-2021:3613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3614-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - Fix out-of-bounds write in UAS USB Attached SCSI device emulation bsc1189702, CVE-2021-3713 - Fix heap use-after-free in virtionetreceivercu bsc1189938, CVE-2021-3748 - usbredir: free call on invalid pointer in bufpalloc...

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:3614-1 Rating: important References: 1180432 1180433 1180434 1180435 1182651 1186012 1189145 1189702 1189938 Cross-References: CVE-2020-35503 CVE-2020-35504 CVE-2020-35505 CVE-2020-35506 CVE-2021-20255...

A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single large transfer request to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack resulting in a denial of service.

...

Amazon Linux AMI : glibc (ALAS-2017-877)

Unbounded stack allocation in catopen function A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code.CVE-2015-8779 Integer overflow in hcreate and hcreater An...

glibc: Unbounded stack allocation in catopen function

A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code...

Oracle Linux 6 : glibc (ELSA-2017-0680)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0680 advisory. - Fix CVE-2015-8779 glibc: Unbounded stack allocation in catopen function 1358015. - Fix CVE-2015-8778 glibc: Integer overflow in hcreate and hcreater...

Ubuntu: Security Advisory (USN-3239-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

glibc: Unbounded stack allocation in nan* functions

A stack overflow vulnerability was found in nan functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code...