59 matches found
UBUNTU-CVE-2025-38146
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, soft lockup/CPU stuck...
CVE-2025-38146
CVE-2025-38146 affects the Linux kernel net/openvswitch MPLS parsing. The issue can cause a dead loop when MPLS label stacks wrap, with a UBSAN array-index-out-of-bounds (index -1) in key_extract_l3l4 and related stack traces, potentially leading to soft lockup/CPU stall. A fix for the MPLS parse...
CVE-2025-38146 net: openvswitch: Fix the dead loop of MPLS parse
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, soft lockup/CPU stuck...
PT-2025-27732
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15.0-121-generic 131-Ubuntu Description: A vulnerability in the Linux kernel has been resolved, specifically in the openvswitch module. The issue occurs when an unexpected MPLS packet does not end with the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential dead loop in the preparecompressoverwrite function of f2fs...
CVE-2024-56761
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
CVE-2024-56761
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
UBUNTU-CVE-2024-56761
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
CVE-2024-56761 x86/fred: Clear WFE in missing-ENDBRANCH #CPs
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. The vulnerability originates from the fact that when the "kernel IBT no ENDBR" self-test is triggered in the x86/fred modul...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the occurrence of a dead loop...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a dead loop in the mcast list in IB/ipoib...
SAMSUNG Exynos Mobile Processor和Wearable Processor 安全漏洞
SAMSUNG Exynos is a SoC, Arm architecture-based processor developed and manufactured by Samsung Mobile, a South Korean company. A security vulnerability exists in SAMSUNG Exynos Mobile Processor, Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, which...
WebAssembly 安全漏洞
WebAssembly is a binary instruction format for stack-based virtual machines from WebAssembly. A security vulnerability exists in WebAssembly version 1.0, which stems from a problem with the component hang.wasm that results in a dead loop...
byacc 安全漏洞
byacc is an open source syntax parser generation tool from openeuler. A security vulnerability exists in openEuler byacc, which stems from a dead loop in the nextinline function of the morecurly function when processing a file...
Denial of Service Vulnerability in EasyBuilder Pro (CNVD-2021-16898)
EasyBuilder Pro is a configuration software developed by Wyland. A denial of service vulnerability exists in EasyBuilder Pro. An attacker can exploit this vulnerability to cause the process to fall into a dead loop, resulting in a denial of service...
Design/Logic Flaw
In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124783982...
CVE-2019-19416
The SIP module of some Huawei products have a denial of service DoS vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the...
CVE-2019-19415
The SIP module of some Huawei products have a denial of service DoS vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the...
CVE-2019-19417
The SIP module of some Huawei products have a denial of service DoS vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the...