Medium4.2Vendor: LowRed Hat Linux Updated
off-by-one buffer overflows in ipa-otpd oauth2.c during OAuth2 device authorization
CVE-2026-14612 Published Jul 3, 2026Updated by vendor Jul 3, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
off-by-one buffer overflows in ipa-otpd oauth2.c during OAuth2 device authorization. Red Hat rates this low (CVSS 4.2). Weakness: CWE-787.
Mitigation checklist
Recommended fix / mitigation
- Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.