1469 matches found
CVE-2025-69652
GNU Binutils readelf (up to version 2.46) contains a vulnerability when processing crafted ELF binaries with malformed DWARF/debug info. Root cause: incomplete cleanup in process_debug_info can leave invalid debug_info_p state, causing a fatal abort in byte_get_little_endian() for certain zero-le...
SUSE-SU-2026:0834-1 Security update for libsoup2
This update for libsoup2 fixes the following issues: - CVE-2025-32049: denial of service attack to websocket server bsc1240751. - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. - CVE-2026-1539: proxy authentication credentials leaked via...
SUSE-SU-2026:20644-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39698: iouring/futex: ensure iofutexwait...
OESA-2026-1449 libsoup security update
libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in SoupServer. This HTTP request smuggling vulnerability occur...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...
curl: RTSP RTP Interleaved Parser Assertion Failure (Zero-Length RTP Payload)
Summary: I am submitting this as a security issue primarily due to how it was discovered and that it's my first Curl submission, but I suspect I might be overly cautious here. This issue was discovered as part of the AIXCC competition, and I am assisting on reporting true positive findings to...
SUSE-SU-2026:20517-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...
SUSE-SU-2026:20516-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero ...
SUSE-SU-2026:20457-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...
SUSE-SU-2026:20468-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...
SUSE-SU-2026:20501-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...
SUSE-SU-2026:20467-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...
SUSE-SU-2026:20461-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...
CVE-2026-2681
A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...
CVE-2026-2681 Github.com/supranational/blst: blst cryptographic library: denial of service via out-of-bounds stack write in key generation
A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...
CVE-2026-2681
The CVE-2026-2681 entry concerns the blst cryptographic library. The vulnerability is an out-of-bounds stack write in the blst_sha256_bcopy assembly routine caused by a missing zero-length guard. A remote attacker could exploit this by supplying a zero-length salt to key generation functions (e.g...
CVE-2026-2681 Github.com/supranational/blst: blst cryptographic library: denial of service via out-of-bounds stack write in key generation
A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...
blst 安全漏洞
Blst is a Supranational open-source signature library. Blst has a security vulnerability, which stems from the lack of zero-length protection in the blstsha256bcopy assembly routine. This vulnerability may lead to memory corruption and denial-of-service attacks...
PT-2026-20648
A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blst sha256 bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...
CVE-2026-2681
A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...