14 matches found
CVE-2026-44390
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...
CLSA-2026-1769424072 unbound: Fix of CVE-2024-8508
CVE-2024-8508: limit number of name compression calculations per packet to prevent CPU locking and potential denial of service...
NewStart CGSL MAIN 7.02 : unbound Vulnerability (NS-SA-2025-0089)
The remote NewStart CGSL host, running version MAIN 7.02, has unbound packages installed that are affected by a vulnerability: - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression fo...
EulerOS 2.0 SP10 : unbound (EulerOS-SA-2025-1015)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries t...
kernel: Linux kernel (x86/xen): Memory leak in CPU lock initialization leading to denial of service.
A flaw was found in the Linux kernel's x86/xen component. A local user could exploit a memory leak vulnerability during the initialization of the CPU lock in the xeninitlockcpu function. If a specific internal function fails after memory allocation, the allocated memory is not properly released...
DEBIAN-CVE-2024-8508
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...
CVE-2024-8508
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...
DEBIAN-CVE-2023-34328
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
CVE-2023-34328
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
UBUNTU-CVE-2023-34328
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
kernel: net: openvswitch: fix race on port output
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows 2. two network namespaces "server" and "client" 3. two ovs interfaces "server"...
DEBIAN-CVE-2020-29567
An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checke...
Fedora 15 : xen-4.1.1-3.fc15 (2011-10942)
untrusted guest controlling PCIE device can lock up host CPU CVE-2011-3131 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...
Fedora 16 : xen-4.1.1-3.fc16 (2011-10834)
untrusted guest controlling PCIE device can lock up host CPU CVE-2011-3131 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...