Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlink: A flaw related to wraparounds of sk-skrmemalloc. This issue occurs in some parts of netlink. The flaw is as follows: If atomicread&sk-skrmemalloc sk-skrcvbuf, then atomicaddskb-truesize, &sk-skrmemalloc. This issue was...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samplesperchunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...

SUSE CVE-2026-43341

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...

UBUNTU-CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

UBUNTU-CVE-2026-43341

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...

MGASA-2026-0112 Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

Astra Linux - уязвимость в imagemagick

In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/rose: integer overflows can occur when using rosesetsockopt with potentially excessively large arguments, along with additional values being applied to them. To prevent this, the safest approach is to check the contents of...

Astra Linux - уязвимость в protobuf-c, libsignal-protocol-c

protobuf-c before 1.4.1 has an unsigned integer overflow in parserequiredmember...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of unsigned integer arithmetic in the message size calculation function ipcvalidatemsg,...

modsecurity3 -- multiple vulnerabilities

ModSecurity is an open source web application firewall engine. According to the upstream changelog, multiple vulnerabilities have been fixed. CVE-2026-42268: unsigned integer underflow in verify operators CVE-2026-30923: buffer overflow in hexdecode...

OSV-2026-505 UNKNOWN READ in unsigned int Assimp::StreamReader<true, true>::Get<unsigned int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498284131 Crash type: UNKNOWN READ Crash state: unsigned int Assimp::StreamReader::Get void Assimp::Blender::ConvertDispatcher void Assimp::Blender::Structure::ReadField...

CVE-2026-34548 iccDEV: UB at IccUtilXml.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...

SUSE CVE-2026-23343

In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...

EUVD-2026-15371

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

UBUNTU-CVE-2026-23379

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

CVE-2026-23379

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

SUSE CVE-2026-30937

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer overflow in the XWD X Windows encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of...

CVE-2026-23118

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following: BUG: KCSAN: data-race in rxrpcpeerkeepaliveworker / rxrpcsenddatapacket which is reporting an issue with the reads and writes to -lasttxat in:...