Fedora 44 bcftools 1.23.1 Update Denial of Service CVE-2026-31972
fedora
March 28, 2026
Update to 1.23.1
Summary
BCFtools is a set of utilities that manipulate genomic variant calls in the
Variant Call Format (VCF) and its binary counterpart (BCF). All commands work
transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed.
(This BCFtools includes the polysomy subcommand, which is implemented using
the GNU Scientific Library. Hence this package is licensed according to the
GNU General Public License, rather than the MIT license used when BCFtools
is built without the polysomy subcommand.)
Update Information:
Update to 1.23.1
Topics Covered
Change Log
* Thu Mar 19 2026 Rasmus Ory Nielsen
References
[ 1 ] Bug #2448857 - CVE-2026-31972 samtools: SAMtools: Information Disclosure and Denial of Service via use-after-free vulnerability in mpileup command
https://bugzilla.redhat.com/show_bug.cgi?id=2448857
[ 2 ] Bug #2448860 - CVE-2026-31973 samtools: SAMtools: Denial of Service due to NULL pointer dereference in cram-size command
https://bugzilla.redhat.com/show_bug.cgi?id=2448860
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cb321bebb5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: bcftools
Product: Fedora 44
Version: 1.23.1
Release: 1.fc44
Summary: Tools for genomic variant calling and manipulating VCF/BCF files
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!