CVE-2026-53151
A flaw was found in the Linux kernel's AF_RXRPC subsystem. This vulnerability involves incorrect handling of fragmented UDP packets when parsing the SACK (Selective Acknowledgment) table. An attacker could potentially craft a fragmented UDP packet to trigger an incorrect buffer access within the...
CVE-2026-52931
A flaw was found in the batman-adv tp_meter module of the Linux kernel. A remote attacker could exploit this vulnerability by sending a specially crafted acknowledgment (ACK) packet to a node configured as a receiver in an ongoing tp_meter session. This could lead to the use of uninitialized sender...
CVE-2026-52931
In the Linux kernel, the following vulnerability has been resolved: batman-adv: tp_meter: avoid use of uninit sender vars. batadv_tp_recv_ack and batadv_tp_stop are only valid for tp_vars in the BATADV_TP_SENDER role. When called with a BATADV_TP_RECEIVER role, it proceeds to read sender-only members that we...
SUSE-SU-2026:2599-1 Security update for libarchive
This update for libarchive fixes the following issues: - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches (bsc#1253088). - CVE-2026-4111: logical deadlock between the RAR5 filter subsystem and the half-window output limiter leads to infinite loop and DoS (bsc#1259635). - CVE-2026-4424:...
CVE-2026-55392
A flaw was found in NILFS utilities. An attacker can exploit this vulnerability by supplying a crafted NILFS2 image. This can lead to undefined behavior, oversized shifts, or out-of-memory conditions, ultimately causing a Denial of Service (DoS) by crashing tools such as nilfs-tune and dumpseg...
SUSE CVE-2026-55392
In NILFS utilities through 2.3.0 (fixed in commit 26efb5d), the nilfs_sb_is_valid function fails to validate the s_log_block_size field in the NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed an out-of-bounds shift in the exponential backoff mechanism. The ENA adapters on our instances occasionally reset. Recently, a UBSAN failure was logged on the console during this process: UBSAN: Out-of-bounds shif...
Astra Linux – Vulnerability in imagemagick
A floating-point mathematical calculation within the ScaleAnyToQuantum function in /MagickCore/quantum-private.h could lead to undefined behavior, resulting in a value that falls outside the range of the type unsigned long long. This flaw can be triggered by a malicious input file under certain...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick’s coders, specifically in the webp.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including a math division by zero. The most significant threat of this vulnerability is the impact on system...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev. Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6. The index -84 is out of range for the type ‘s8[341]’. CPU: 1 PID:...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick, specifically in the code file coders/bmp.c. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned int. This likely leads to a disruption in the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: stmmac: fixed an issue with left shift overflow in DMA queues. When the queue number is greater than 4, left shift overflows due to the 32-bit integer variable used in calculations. The mask calculation for MTL_RXQ_DMA_MAP1 i...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker. Syzkaller reported the following issue: UBSAN: Shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27; shift exponent 245 is too large for a 32-bit type ‘int’. When t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent UBSAN errors occurring in true_sectors_per_clst. The syzbot reported the following UBSAN error: 76.901829 T6677 ================================================================================ 76.903908...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick, specifically in the MagickCore/statistic.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned long. This likely leads to a disruption in t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bcache: Fixed the abuse of variable-length arrays in btree_iter. btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache set...
Astra Linux – Vulnerability in Firefox
The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox versions earlier than 126...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick’s MagickCore/segment.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, specifically a math division by zero. This likely results in a disruption to the application’s functionality, but it may al...
Astra Linux – Vulnerability in imagemagick
In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior, including integer overflow and out-of-range values, as reported by UndefinedBehaviorSanitizer. Such issues could negatively...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick’s MagickCore/statistic.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of type unsigned long. This likely affects the availability of the application, but ...