Rauc · Rauc · CVE-2026-34155
**Name of the Vulnerable Software and Affected Versions**
RAUC versions prior to 1.15.2
**Description**
RAUC manages the update process on embedded Linux systems. When using the 'plain' format, bundles larger than 2 GiB can cause an integer overflow, leading to a signature that only covers a portion of the payload. An attacker could exploit this by modifying the unsigned part of a legitimately signed bundle.
**Recommendations**
Update to version 1.15.2 or later.