CVE-2024-35886

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...

UBUNTU-CVE-2024-35886

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...

CVE-2024-35886 ipv6: Fix infinite recursion in fib6_dump_done().

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of infinite recursion...

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2024-1644)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion...

The vulnerability of the pfn_valid() function in the include/linux/mmzone.h module of the Linux kernel’s memory management subsystem allows a attacker to cause a service failure.

The vulnerability of the pfnvalid function in the include/linux/mmzone.h module of the Linux memory management subsystem is related to an infinite recursion. Exploiting this vulnerability could allow an attacker to cause a system failure...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1644)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20240514-04

A vulnerability in the Netty networking software is associated with the occurrence of an interpretation conflict. Exploitation of the vulnerability could allow an attacker acting remotely to disclose and modify protected information A vulnerability in the Netty networking software is related to...

Uncontrolled Recursion

Exiv2 is vulnerable to an Uncontrolled Recursion. The vulnerability is due to faulty handling of directory offsets in bigtiffimage.cpp, allowing an infinite loop through recursive function calls when processing specially crafted TIFF files...

squid: Denial of Service in HTTP Chunked Decoding

A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...

The vulnerability of Xenstore information storage in Xen hypervisors allows a attacker to cause a service failure.

The vulnerability of Xenstore information storage in the Xen hypervisor relates to an uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...

RHEL 7 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Missing validation for external entities in xmlParsePEReference CVE-2017-7375 - libxml2:...

RHEL 7 : jettison (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jettison: Uncontrolled Recursion in JSONArray CVE-2023-1436 - Those using Jettison to parse untrusted XML...

RHEL 6 : poppler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - poppler: heap-based buffer over-read in function downsamplerowboxfilter in CairoRescaleBox.cc CVE-2019-96...

RHEL 7 : krb5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5: Buffer overflow in getmatchingdata CVE-2017-15088 - Double free vulnerability in MIT Kerberos 5 aka...

RHEL 7 : systemd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary file...

squid: Denial of Service in HTTP Chunked Decoding

A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...

PT-2024-6208 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to the function H5E printf stack in the file H5Eint.c of the HDF5 Library, which is associated with uncontrolled recursion. This can lead to stack consumption. Exploitati...

CVE-2024-4568

In Xpdf 4.05 and earlier, a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow...

CVE-2024-4568

In Xpdf 4.05 and earlier, a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow...