11152 matches found
batman-adv: Avoid infinite loop trying to resize local TT
...
Soot 安全漏洞
Soot is a Java optimization framework from the Soot project. A security vulnerability exists in Soot versions prior to 4.4.1, which stems from an infinite loop in the retrieveActiveBody function, allowing an attacker to cause a denial of service...
Traefik vulnerable to GO issue allowing malformed DNS message to cause infinite loop
Impact There is a vulnerability in GO managing malformed DNS message, which impacts Traefik. This vulnerability could be exploited to cause a denial of service. References - CVE-2024-24788 Patches - https://github.com/traefik/traefik/releases/tag/v2.11.3 -...
Denial Of Service (DOS)
Wireshark is vulnerable to Denial Of Service DOS. The vulnerability is due to MONGO and ZigBee TLV dissector infinite loops resulting in Unreachable Exit Condition via packet injection or crafted capture file...
CVE-2021-47448
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg recvmsg can enter an infinite loop if the caller provides the MSGWAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more data is received by the...
RHEL 8 : perl-Convert-ASN1 (RHSA-2024:3049)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3049 advisory. Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an...
systemd security update
239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...
edk2 security update
20220126gitbb1bba3d77-13 - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch RHEL-21158 - Resolves: RHEL-21158 CVE-2022-36765 edk2: integer overflow in CreateHob could lead to HOB OOB R/W rhel-8...
QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...
edk2: Infinite loop when parsing a PadN option in the Destination Options header
The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability...
edk2: Infinite loop when parsing unknown options in the Destination Options header
A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header...
libX11: stack exhaustion from infinite recursion in PutSubImage()
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...
perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
Moderate: Red Hat Security Advisory: perl-Convert-ASN1 security update
An update for perl-Convert-ASN1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
DEBIAN-CVE-2021-47448
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg recvmsg can enter an infinite loop if the caller provides the MSGWAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more data is received by the...
CVE-2021-47448
CVE-2021-47448 affects the Linux kernel MPTCP recvmsg path. If the caller uses MSG_WAITALL and insufficient data remains to satisfy the request, recvmsg can stall in an infinite loop because mptcp_wait_data() detects MPTCP_DATA_READY and never clears it in that code path. This can trigger an RCU ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that if the caller provides MSGWAITALL, the data present in the receive queue does not satisfy the...
ALSA-2024:3049 Moderate: perl-Convert-ASN1 security update
Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input CVE-2013-7488 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Moderate: perl-Convert-ASN1 security update
Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input CVE-2013-7488 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
DEBIAN-CVE-2021-47406
In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4extreplaysetiblocks If the call to ext4mapblocks fails due to an corrupted file system, ext4extreplaysetiblocks can get stuck in an infinite loop. This could be reproduced by running generic/526 wi...