CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

UBUNTU-CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

PT-2024-38643

Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue is caused by a PDF object loop in a pattern resource, leading to infinite recursion and a stack overflow. This could allow attackers to crash the system or expose data. Recommendations For...

USN-6958-1: Libcroco vulnerabilities

It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-7960 It was discovered th...

Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS : Libcroco vulnerabilities (USN-6958-1)

The remote Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6958-1 advisory. It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a hea...

ROS-20240812-05

Squid proxy server followxforwardedfor function vulnerability is related to uncontrolled recursion when processing X-Forwarded-For HTTP request headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240812-09

A vulnerability in the HttpStateData function of the Chunked decoder of the Squid proxy server is related to a buffer overflow on the stack as a result of uncontrolled recursion while processing HTTP messages. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

kernel: net/sched: Fix mirred deadlock on device recursion

In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion The Linux kernel CVE team has assigned CVE-2024-27010 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T...

kernel: tracing: Restructure trace_clock_global() to never block

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...

kernel: net/sched: Fix mirred deadlock on device recursion

In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion The Linux kernel CVE team has assigned CVE-2024-27010 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T...

kernel: tracing: Restructure trace_clock_global() to never block

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...

CVE-2024-41042

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection because a cycle will result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a hit to the stack protection page due to an unbounded recursion that could result from old loop detection...

CLSA-2024-1721659158 Fix of 66 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAYSIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADFDEVRESETSYNC memory leak CVE-url:...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to various issues due to go compiler ( CVE-2022-30630, CVE-2022-30635, CVE-2022-32148, CVE-2022-30631, CVE-2022-30632, CVE-2022-32189, CVE-2022-28131, CVE-2022-30633, CV )

Summary Golang compiler is used by IBM Cloud Pak for Data to build various binaries. CVE-2022-30630, CVE-2022-30635, CVE-2022-32148, CVE-2022-30631, CVE-2022-30632, CVE-2022-32189, CVE-2022-28131, CVE-2022-30633, CVE-2022-1705. Vulnerability Details CVEID:CVE-2022-30630 DESCRIPTION: Golang Go is...

The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Secure Boot protocol for loading operating systems on Windows is related to uncontrolled recursion. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...