DEBIAN-CVE-2026-8484

Source
https://security-tracker.debian.org/tracker/CVE-2026-8484
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-8484
Upstream
Published
2026-06-16T12:16:26.730Z
Modified
2026-06-18T08:00:09.079968865Z
Severity
  • 4.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
Summary
[none]
Details

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at the time of CVE assignment.

References

Affected packages

Debian:11
jansi

Package

Name
jansi
Purl
pkg:deb/debian/jansi?arch=source&distro=bullseye

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.18-1
2.*
2.4.0-1
2.4.0-2
2.4.0-3
2.4.1-1
2.4.1-2
2.4.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi-native

Package

Name
jansi-native
Purl
pkg:deb/debian/jansi-native?arch=source&distro=bullseye

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.8-1
1.8-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
Debian:12
jansi

Package

Name
jansi
Purl
pkg:deb/debian/jansi?arch=source&distro=bookworm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.0-2
2.4.0-3
2.4.1-1
2.4.1-2
2.4.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi-native

Package

Name
jansi-native
Purl
pkg:deb/debian/jansi-native?arch=source&distro=bookworm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.8-1
1.8-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi1

Package

Name
jansi1
Purl
pkg:deb/debian/jansi1?arch=source&distro=bookworm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.18-3
1.18-3.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
Debian:13
jansi

Package

Name
jansi
Purl
pkg:deb/debian/jansi?arch=source&distro=trixie

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.1-2
2.4.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi-native

Package

Name
jansi-native
Purl
pkg:deb/debian/jansi-native?arch=source&distro=trixie

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.8-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi1

Package

Name
jansi1
Purl
pkg:deb/debian/jansi1?arch=source&distro=trixie

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.18-3.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
Debian:14
jansi

Package

Name
jansi
Purl
pkg:deb/debian/jansi?arch=source&distro=forky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.1-2
2.4.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi-native

Package

Name
jansi-native
Purl
pkg:deb/debian/jansi-native?arch=source&distro=forky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.8-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"
jansi1

Package

Name
jansi1
Purl
pkg:deb/debian/jansi1?arch=source&distro=forky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.18-3.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-8484.json"