AWS VDP: Health check errors silently dropped when channel buffer full

Component: pkg/plugin/plugin.go:153-156, pkg/plugin/pluginv2.go:156-158 Affected Version: aws-encryption-provider @ 4341c70 all versions Found by: Source audit TLP: TLP:Amber --- Summary When KMS operations fail, the error is sent to a buffered channel healthCheckErrc, size 100 via a non-blocking...

CVE-2026-31890

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. Prior to 0.50.1, in a situation where the ring-buffer of a gadget is – incidentally or maliciously – already full, the gadget will silently drop events. Th...

Inspektor Gadget 安全漏洞

Inspektor Gadget is a set of tools and frameworks based on eBPF developed by Inspektor Gadget Inc. Versions of Inspektor Gadget prior to 0.50.1 contained security vulnerabilities. These vulnerabilities stemmed from the silent discarding of events when the ring buffer was full, with the discard...

EUVD-2017-15055

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-49771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the...

UBUNTU-CVE-2024-53236

In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for transmitting an xsk descriptor, i.e., for every non-multibuf descriptor or the first frag of a multibuf descriptor, but the descriptor is later...

Configuration Restore Fails With: "2200N: invalid XML content DETAIL: buffer full"

Challenge When performing a configuration restore or migration, the Restore process fails with the error: 2200N: invalid XML content DETAIL: buffer full Cannot read configuration backup Cause This error is caused by an underlying issue within PostgreSQL 15.1 and 15.2 PostgreSQL 15.1 was included...

SUSE CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

UBUNTU-CVE-2020-1917

xbufformatconverter, used as part of exifreaddata, was appending a terminating null character to the generated string, but was not using its standard append char function. As a result, if the buffer was full, it would result in an out-of-bounds write. This issue affects HHVM versions prior to...

PT-2020-17528 · Rust · Ws

Name of the Vulnerable Software and Affected Versions: ws crate versions prior to 2020-09-25 Description: An issue in the ws crate allows a remote memory-consumption attack due to the outgoing buffer not being properly limited. This enables a remote attacker to take down the process by growing th...

kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf

It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUGON in sctpwaitforsndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread...

CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

UBUNTU-CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

CVE-2017-5986

It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUGON in sctpwaitforsndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread...

QEMU 'ne2000_buffer_full()' Denial of Service Vulnerability

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in QEMU due to an error in the 'ne2000bufferfull' function in the hw/net/ne2000.c file when the program processes a specific packet. A...