CVE-2026-31448

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...

CVE-2026-31448

CVE-2026-31448 concerns the Linux kernel ext4 filesystem. The issue arises on mkdir/mknod when an extent insertion fails and ext4_ext_map_blocks() reclaims blocks without removing corresponding data from the extent tree, allowing the same physical block to be referenced by both directory and xatt...

CVE-2026-35328

Infinite Loop When Handling Supported Versions TLS Extension...

UBUNTU-CVE-2026-35328

Infinite Loop When Handling Supported Versions TLS Extension...

CVE-2026-41146 facil.io and downstream iodine ruby gem vulnerable to uncontrolled resource consumption and loop with unreachable exit condition

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

EUVD-2026-24583

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

CVE-2026-41146

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

CVE-2026-41146

facil.io (C micro-framework) contains a vulnerability in fio_json_parse that can enter an infinite loop when parsing a nested JSON value starting with i or I, causing a CPU core to be pegged at ~100% and not returning a parse error. The issue also affects downstream iodine Ruby gem that vendors t...

CVE-2026-41146 facil.io and downstream iodine ruby gem vulnerable to uncontrolled resource consumption and loop with unreachable exit condition

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...

PT-2026-34238

facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fio json parse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the internal IPv4 header length in the IPTFS payload. This vulnerability ma...

PT-2026-34353

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system during the mkdir and mknod paths. When mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails, the ext4 e...

PT-2026-34556

Name of the Vulnerable Software and Affected Versions StrongSwan affected versions not specified Description An issue exists that can lead to an infinite loop, resulting in a system crash. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

PT-2026-34377

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet tot len and ihl fields parsed from decrypted IPTFS payloads in input process payload. A crafted ESP packet containing an inne...

facil.io 资源管理错误漏洞

facil.io is a C-language high-performance web application microframework developed by Bo’s individual developer. Facil.io has a resource management vulnerability; this vulnerability arises when fiojsonparse enters an infinite loop upon encountering nested JSON values that start with “i” or “I”,...

openSUSE 16 Security Update : clamav (openSUSE-SU-2026:20479-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20479-1 advisory. Update to clamav 1.5.2: Security issue: - CVE-2026-20031: improper error handling in the HTML CSS module when splitting UTF-8 strings can lead to denial...

Debian dsa-6227 : charon-cmd - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6227 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6227-1 [email protected]...

Infinite loop

Overview org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages. Affected versions of this package are...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop via the Java networking APIs. An unauthenticated attacker can cause repeated crashes or hangs by sending crafted network input to applications using the affected networking components, leading to denial of service...

CVE-2026-41285

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery ND option over a local network with length zero, because of an "ndoptlen 8 - 2" expression with no preceding check for whether ndoptlen is zero...