Critical Heap Overflow Vulnerability in Fedora 42 Affects Samtools and HTSlib

Severity: High (Score: 72.8)

Sources: Linuxsecurity

Summary

A critical heap overflow vulnerability has been identified in the htslib library, which is crucial for high-throughput sequencing data processing in Fedora 42. This vulnerability, cataloged under CVE-2026-31962, allows for arbitrary code execution via crafted CRAM files. Other related vulnerabilities include CVE-2026-31963, CVE-2026-31964, and CVE-2026-31965, which involve denial of service and information disclosure. Users of samtools and bcftools, which rely on htslib, are particularly affected. The vulnerabilities were published on March 18, 2026, and an update to version 1.23.1 has been released to mitigate these issues. The update can be installed using the 'dnf' package manager. Security professionals are advised to apply the update promptly to protect against potential exploitation.

Key Points:

  • Critical heap overflow vulnerabilities in htslib affect samtools and bcftools.
  • CVE-2026-31962 allows arbitrary code execution via crafted CRAM files.
  • Users are urged to update to htslib version 1.23.1 to mitigate risks.

Key Entities

  • CVE-2026-31962 (cve)
  • CVE-2026-31963 (cve)
  • CVE-2026-31964 (cve)
  • CVE-2026-31965 (cve)
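
To find hosts that still need the 1.23.1 update described in the summary, the following added example (not part of the original advisory) audits a package inventory for htslib older than the fixed release. The host names and the "host package version" inventory format are constructed, and the RPM package name `htslib` with a version that tracks upstream is an assumption.

```shell
#!/bin/sh
# Added example: flag hosts whose htslib is older than the fixed release.
FIXED_VERSION="1.23.1"   # fixed version stated in the summary above

# version_lt A B: succeed when dotted numeric version A is strictly older than B.
version_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1
}

# audit_inventory: read "host package version" lines on stdin and print one
# line per host whose htslib predates FIXED_VERSION. Other packages are skipped.
audit_inventory() {
    while read -r host pkg ver; do
        [ "$pkg" = "htslib" ] || continue
        if version_lt "$ver" "$FIXED_VERSION"; then
            echo "$host htslib-$ver UPDATE"
        fi
    done
}

# Constructed sample inventory (hypothetical hosts and versions).
sample_inventory() {
    cat <<'EOF'
seq-node-01 htslib 1.21
seq-node-01 samtools 1.21
seq-node-02 htslib 1.23.1
seq-node-03 htslib 1.22.1
seq-node-04 bcftools 1.23.1
EOF
}

sample_inventory | audit_inventory

# On an RPM-based host, audit the local package (assumes it is named "htslib"
# and that its RPM version tracks upstream); skipped where rpm is absent.
if command -v rpm >/dev/null 2>&1 && rpm -q htslib >/dev/null 2>&1; then
    rpm -q --qf "$(uname -n) %{NAME} %{VERSION}\n" htslib | audit_inventory
fi
```

Hosts reported with `UPDATE` are the ones to bring to 1.23.1 through dnf; hosts that list only samtools or bcftools are not flagged because the comparison is made against the htslib package itself.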