11156 matches found
UBUNTU-CVE-2022-48635
In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in daxiomaprw I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d0 Modules linked in: CPU: 10 PID: 9...
CVE-2022-48635 fsdax: Fix infinite loop in dax_iomap_rw()
In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in daxiomaprw I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d0 Modules linked in: CPU: 10 PID: 9...
CVE-2022-48635 fsdax: Fix infinite loop in dax_iomap_rw()
In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in daxiomaprw I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d0 Modules linked in: CPU: 10 PID: 9...
CVE-2022-48635
CVE-2022-48635 : In the Linux kernel, the dax_iomap_rw() path can enter an infinite loop when a tail read is issued with count=0 (as with tail reading via read()), causing a persistent WARNING from iomap_iter. The vulnerability is fixed by adding an explicit check for a 0 count in dax_iomap_rw(),...
CVE-2022-48635 fsdax: Fix infinite loop in dax_iomap_rw()
In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in daxiomaprw I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d0 Modules linked in: CPU: 10 PID: 9...
CVE-2022-48635
In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in daxiomaprw I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d0 Modules linked in: CPU: 10 PID: 9...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an infinite loop problem in the daxiomaprw function...
RHEL 8 / 9 : OpenShift Container Platform 4.13.5 (RHSA-2023:4093)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4093 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 8 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Important) (RHSA-2023:4470)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4470 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Manager...
Fedora 39 : unbound (2024-3b173364d4)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3b173364d4 advisory. - Use the origin DNAME TTL for synthesized CNAMEs as per RFC 6672. - Bug fixes https://nlnetlabs.nl/projects/unbound/download/unbound-1-19-3 Tenable has...
RHEL 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3540)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3540 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...
RHEL 7 / 8 : Red Hat Ansible Automation Platform 1.2.2 (RHSA-2021:0781)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0781 advisory. Red Hat Ansible Automation Platform integrates Red Hat's automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine,...
go -- net: malformed DNS message can cause infinite loop
The Go project reports: net: malformed DNS message can cause infinite loop A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop...
VulnCheck KEV: CVE-2024-20353
Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD contain an infinite loop vulnerability that can lead to remote denial of service condition...
Cisco ASA and FTD Denial of Service Vulnerability
Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD contain an infinite loop vulnerability that can lead to remote denial of service condition...
Ubuntu 22.04 LTS / 23.10 : Google Guest Agent and Google OS Config Agent vulnerability (USN-6746-1)
The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6746-1 advisory. It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to...
SUSE CVE-2024-32650
Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...
RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2023:3445)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3445 advisory. A highly-available key value store for shared configuration Security Fixes: Information discosure via debug function CVE-2021-28235...
GHSA-6G7W-8WPP-FRHJ Denial of Service Vulnerability in Rustls Library
Summary rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call completeio and are not affected. rustls::Stream and...
Denial of Service Vulnerability in Rustls Library
Summary rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call completeio and are not affected. rustls::Stream and...