Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: sm712fb: Fixed a crash in smtcfbwrite When the sm712fb driver writes three bytes to the framebuffer, the driver crashes. Bug: Unable to handle a page fault for the address: ffffc90001ffffff RIP:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fixed a crash that occurred due to out-of-bounds writing. The driver utilizes the “tag” values from various arrays provided by libata. Since the mentioned patch increased ATATAGINTERNAL to 32, the value of...

OESA-2026-2643 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

CVE-2026-53461

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and...

Security update for tor (moderate)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2026:0188-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP7 An update that contains security fixes can now be installed. Description: This update for tor fixes the following issues: - Upda...

PT-2026-47226

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcd fmt conv 422sp to 420p ihevcd fmt conv ihevcd decode...

GO-2026-4994 free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf

free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/subId crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf...

CVE-2026-22166

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

PT-2026-25980

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-17 ImageMagick versions prior to 6.9.13-42 Description ImageMagick is software used for editing and manipulating digital images. A bug exists in the NewXMLTree method that could cause a crash due to an...

OSV-2026-300 UNKNOWN WRITE in nmeaid_to_prn

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486727024 Crash type: UNKNOWN WRITE Crash state: nmeaidtoprn processGSV nmeaparse...

OSV-2026-255 UNKNOWN WRITE in nmeaid_to_prn

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=484666533 Crash type: UNKNOWN WRITE Crash state: nmeaidtoprn processGSV nmeaparse...

OSV-2026-109 UNKNOWN WRITE in SHA224Result

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476170131 Crash type: UNKNOWN WRITE Crash state: SHA224Result mdmapsh224...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001229 advisory. A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty null write to this file can crash the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002987 advisory. A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty null write to this file can crash the...

OSV-2026-2 Heap-buffer-overflow in cmt_mpack_consume_uint_tag

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=472785094 Crash type: Heap-buffer-overflow WRITE 8 Crash state: cmtmpackconsumeuinttag cmtmpackunpackarray cmtmpackunpackmap...

OSV-2025-1020 Heap-buffer-overflow in mmcall

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=471093652 Crash type: Heap-buffer-overflow WRITE 8 Crash state: mmcall ljmetatset ljvmetatsetv...

OSV-2025-825 UNKNOWN WRITE in RescalerImportRowExpand_SSE2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=449781448 Crash type: UNKNOWN WRITE Crash state: RescalerImportRowExpandSSE2 WebPRescalerImport ProcessRows...

EUVD-2017-14607

Malware in sbrugna...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the gtlsbionewfromiostream and gtlsbionewfromdatagrambased functions. An attacker can cause a denial of service by triggering an out-of-memory condition that leads to writing to an invalid memory location...

OSV-2025-617 UNKNOWN WRITE in MP4_BoxFree

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437783630 Crash type: UNKNOWN WRITE Crash state: MP4BoxFree MP4ReadBoxContainerChildrenIndexed MP4ReadBoxContainer...