Lucene search
K

63 matches found

Cvelist
Cvelist
added 2026/06/24 9:32 p.m.23 views

CVE-2026-10642 Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control

The Zephyr PL011 UART driver drivers/serial/uartpl011.c contains an unbounded software loop in pl011irqtxenable that repeatedly invokes the interrupt-driven application callback while the TX interrupt mask bit PL011IMSCTXIM is set, to work around the controller's level-transition TX-interrupt...

4.6CVSS0.00185EPSS
Exploits1References2
OSV
OSV
added 2026/06/24 3:44 p.m.3 views

CVE-2026-54904 concurrent-ruby: `AtomicReference#update` livelocks when the stored value is `Float::NAN`

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

8.2CVSS6AI score0.00278EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 3:44 p.m.7 views

CVE-2026-54904

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

8.2CVSS5.9AI score0.00278EPSS
Exploits1References2Affected Software1
Hacker One
Hacker One
added 2026/06/05 3:50 a.m.8 views

curl: CVE-2026-11352: QUIC zero-length UDP datagrams busy-loop

Summary: curl's QUIC UDP receive helper ignores zero-length UDP datagrams before counting them against the per-call packet budget. On Linux, recvmmsgpackets loops while pkts maxpkts, but if!mmsgi.msglen continue; runs before pkts is incremented. The recvmsgpackets backend has the same no-progress...

7.5CVSS5.9AI score0.0101EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: Fixed an infinite busy loop after the timeout has expired. After the commit 0a65bc27bd64 “eventpoll: Sets the epoll timeout if it’s in the future”, the following program would immediately enter a busy loop in the...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 7:17 p.m.6 views

DEBIAN-CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

7.5CVSS5.8AI score0.00408EPSS
Exploits0References1
OSV
OSV
added 2026/05/13 7:17 p.m.20 views

UBUNTU-CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

7.5CVSS5.8AI score0.00408EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/06 8:53 p.m.14 views

Snappier has an infinite loop during SnappyStream decompression with malformed framed input

Summary Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. Details The hang manifests as a userspace busy loop with SnappyStreamDecompressor.Decompress repeatedly calling Crc32CAlgorithm.Append. The exact...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/04 1:12 p.m.8 views

JLSEC-2026-434 Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted...

Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...

7.5CVSS5.8AI score0.01226EPSS
Exploits1References6
OSV
OSV
added 2026/05/04 1:12 p.m.9 views

JLSEC-2026-390

libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation...

7.5CVSS6.8AI score0.02434EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.6 views

CVE-2022-42324

Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...

5.5CVSS6.7AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27869

Malicious code in bioql PyPI...

6.4AI score0.0014EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/09/09 10:22 a.m.3 views

Security update for curl

This update for curl fixes the following issues: CVE-2025-5399: libcurl can possibly get trapped in an endless busy-loop when processing specially crafted packets bsc1243933. CVE-2025-5025: No QUIC certificate pinning with wolfSSL bsc1243706. CVE-2025-4947: QUIC certificate check skip with wolfSS...

8.3CVSS7.1AI score0.01226EPSS
Exploits4References18
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38017

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64...

5.5CVSS5AI score0.0014EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/20 4:43 p.m.6 views

CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

7CVSS7.2AI score0.0014EPSS
Exploits0References4
NVD
NVD
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

5.5CVSS0.0014EPSS
Exploits0References2
OSV
OSV
added 2025/06/18 10:15 a.m.4 views

UBUNTU-CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References5
OSV
OSV
added 2025/06/18 9:28 a.m.7 views

CVE-2025-38017 fs/eventpoll: fix endless busy loop after timeout has expired

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

5.5CVSS6.5AI score0.0014EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/06/18 9:28 a.m.5 views

CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

5.5CVSS5.5AI score0.0014EPSS
Exploits0
Cvelist
Cvelist
added 2025/06/18 9:28 a.m.12 views

CVE-2025-38017 fs/eventpoll: fix endless busy loop after timeout has expired

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

0.0014EPSS
Exploits0References2
Rows per page
Query Builder