OESA-2026-2411 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

CVE-2026-5450

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

CVE-2026-5450 scanf %mc off-by-one heap buffer overflow

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

CVE-2026-5450 scanf %mc off-by-one heap buffer overflow

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

PT-2026-33851

Name of the Vulnerable Software and Affected Versions glibc versions 2.7 through 2.43 Description Calling the scanf family of functions using a %mc malloc'd character match with a format width specifier that has an explicit width greater than 1024 can lead to a one byte heap buffer overflow...

CVE-2026-4985

A flaw was found in dloebl CGIF, a GIF image handler component. A remote attacker could exploit an integer overflow vulnerability by manipulating the width or height arguments when adding a frame. This could lead to a denial of service DoS, making the affected system or application unavailable...

CVE-2026-4985

A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier ...

SUSE CVE-2025-62171

ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...

CVE-2024-50177

CVE-2024-50177 concerns the Linux kernel amdgpu display driver (DML2.1). The issue is a UBSAN shift-out-of-bounds triggered when programming phantom pipes and cursor_width is explicitly set to 0, causing an overflow in 32-bit size calculations. The published fix adds a guard to validate cursor wi...

SUSE CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

FreeBSD : xen-kernel -- x86 shadow pagetables: address width overflow (d51ced72-4212-11e6-942d-bc5ff45d0f28)

The Xen Project reports : In the x86 shadow pagetable code, the guest frame number of a superpage mapping is stored in a 32-bit field. If a shadowed guest can cause a superpage mapping of a guest-physical address at or above 2^44 to be shadowed, the top bits of the address will be lost, causing a...

Fedora 24 : xen-4.6.1-6.fc24 (2016-48e72b7bc5)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

Fedora 22 : xen-4.5.3-2.fc22 (2016-75063477ca)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

Fedora 23 : xen-4.5.3-2.fc23 (2016-35d7b09908)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...