Astra Linux – Vulnerability in krb5

The file “lib/kadm5/kadmrpcxdr.c” in MIT Kerberos 5 also known as krb5 before versions 1.20.2 and 1.21.x before version 1.21.1 exposes an uninitialized pointer. A remotely authenticated user can cause a Kadmind crash. This occurs because the function xdrkadm5principalentrec does not validate the...

SUSE CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45870

A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call authentication GSS Generic Security Service module. This vulnerability occurs due to memory leaks in the XDR eXternal Data Representation decoding error paths within functions like gssxdecctx, gssxdecstatus, and gssxdecname...

EUVD-2026-32336

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

UBUNTU-CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45870 SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45870

The CVE-2026-45870 issue affects the Linux kernel SUNRPC auth_gss path, causing memory leaks in XDR decoding error paths. Specifically, gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() allocate buffers via gssx_dec_buffer() (kmemdup) and may return early on a subsequent decode error without...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an XDR decoding error path in the SURNPROC authgss module. This error path fails to release the...

CVE-2026-45870

SUNRPC: authgss: fix memory leaks in XDR decoding error paths...

PT-2026-43737

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the SUNRPC auth gss component during XDR decoding error paths. The functions gssx dec ctx, gssx dec status, and gssx dec name allocate memory using gssx dec buffer,...

Linux Distros Unpatched Vulnerability : CVE-2026-45870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFSD: The encoder for NFSv2 GETACL results has been completed. The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should now handle this automatically. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: Fixed the issue of loading RxGK tokens to check bounds. The rxrpcpreparsexdryfsrxgk function reads the raw key length and ticket length from the XDR token as u32 values. It rounds each value up by 4 before using the...

CVE-2026-31696

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...

CVE-2026-31696

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...

PT-2026-36326

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the rxrpc preparse function, the non-XDR path for parsing key payloads used for payloads 28 bytes or smaller fails to validate the ticket length against AFSTOKEN RK TIX MAX. This...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013110)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013110 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix null pointer dereference on zero-length checksum In xdrstreamdecodeopaqueauth,...

SUSE CVE-2026-34232

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...

CVE-2026-34232

A flaw was found in Firebird, an open-source relational database management system. The xdrstatusvector function, responsible for decoding server responses, does not properly handle a specific data type iscargcstring within an opresponse packet. An unauthenticated attacker can exploit this...