10 matches found
SUSE-SU-2026:22208-1 Security update for libyang
This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...
SUSE SLES12 Security Update : libyang (SUSE-SU-2026:2334-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2334-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML...
Security update for libyang
This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...
SUSE-SU-2026:2335-1 Security update for libyang
This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...
Security update for libyang
This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...
Linux Distros Unpatched Vulnerability : CVE-2026-41401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing...
CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
UBUNTU-CVE-2026-41401
libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...
CVE-2026-41401
CVE-2026-41401 affects libyang prior to 5.2.6, where a heap-use-after-free occurs in lyd_parser_set_data_flags due to incorrect updates to metadata list pointers when freeing non-head default metadata entries. This can be triggered by submitting crafted YANG XML documents with specific metadata a...