wid-sec-w-2026-0734
·
Published 2026-03-15
·
View on BSI CERT-Bund ↗
GNU InetUtils: Multiple Vulnerabilities
CVSS 9.8
CRITICAL
Risk Summary
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.
CVEs (2)
Affected Vendors
Debian
IGEL
Open Source
SUSE
Synology
Affected Products (8)
Open Source
·
InetUtils
<=2.7
Open Source
·
InetUtils
<=2.7
Synology
·
DiskStation Manager
<7.3.2-86009-3
Synology
·
DiskStation Manager
7.3.2-86009-3
Synology
·
DiskStation Manager
<7.2.2-72806-8
Synology
·
DiskStation Manager
7.2.2-72806-8
Synology
·
DiskStation Manager
<7.2.1-69057-11
Synology
·
DiskStation Manager
7.2.1-69057-11
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more