Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Missing Bounds Validation in OCaml's readblock() Function
SUSE-SU-2026:0830-1
Summary
An update is available for OCaml to fix a bug that could allow attackers to run malicious code. This update is important to install to prevent potential security risks. Users should apply the update as soon as possible.
What to do
- Update ocaml to version 4.14.2-150600.3.3.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | ocaml | <= 4.14.2-150600.3.3.1 | 4.14.2-150600.3.3.1 |
| – | ocaml | <= 4.14.2-150600.3.3.1 | 4.14.2-150600.3.3.1 |
| – | ocaml | <= 4.14.2-150600.3.3.1 | 4.14.2-150600.3.3.1 |
| – | ocaml | <= 4.14.2-150600.3.3.1 | 4.14.2-150600.3.3.1 |
Original title
Security update for ocaml
Original description
This update for ocaml fixes the following issues:
- CVE-2026-28364: missing bounds validation in readblock() can lead to arbitrary code execution (bsc#1258992).
- CVE-2026-28364: missing bounds validation in readblock() can lead to arbitrary code execution (bsc#1258992).
- https://www.suse.com/support/update/announcement/2026/suse-su-20260830-1/ Vendor Advisory
- https://bugzilla.suse.com/1258992 Third Party Advisory
- https://www.suse.com/security/cve/CVE-2026-28364 URL
Published: 5 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026