VDB

GCVE-110-MAGEIA-2026-144

GCVE-110-MAGEIA-2026-144
Advisory Published
Vulnetix · Advisory published May 16, 2026
It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).

Affected Products

VendorProductVersionsPlatforms
Mageiadpkg0 (affected), 1.22.22-1.mga9 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›