PT-2026-40843

Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to a3f6d73 Description An infinite loop can occur during image handling when checksum calculations are performed using the 'file:///dev/zero' URL. Recommendations Update to version a3f6d73 or later...

EUVD-2026-30209

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

CVE-2026-31654 mm/vma: fix memory leak in __mmap_region()

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...

PT-2026-35006

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmap region commit 605f6586ecf7 "mm/vma: do not leak memory when .mmap prepare swaps the file" handled the success path by skipping get file via file doesnt need get, but missed the error path. When...

Denial Of Service (DoS)

helm.sh/helm/v3 is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of crafted JSON Schema files with $ref pointing to /dev/zero, which allows an attacker to exhaust system memory leading to OOM termination...

Allocation of Resources Without Limits or Throttling

Overview helm.sh/helm/pkg/chartutil is a package that contains tools for working with charts. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the processing of JSON Schema files containing $ref fields that point to device files such as...

CVE-2025-55199 Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...

kernel: Null pointer dereference in trace_writeback_dirty_page()

A security flaw was found in the Linux kernel that an attempt to move page mapped by AIO ring buffer to the other node triggers NULL pointer dereference at tracewritebackdirtypage, because aiofsbackingdevinfo.dev is 0...

kernel: thp: madvise on top of /dev/zero private mapping can lead to panic

The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAPPRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service system crash via a crafted application...