23 matches found
CVE-2026-54592
The CVE-2026-54592 vulnerability affects Oj (Optimized JSON), a Ruby gem JSON parser/marshaller. In versions prior to 3.17.3, Oj::Doc#each_child can overflow a fixed-size stack buffer when recursively traversing deeply nested JSON, causing a DoS. The issue arises from a two-step chain in ext/oj/f...
CVE-2026-54592
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...
Oj: Use-After-Free in Oj::Doc Iterators via Reentrant Close
Summary Oj::Doc iterators eachvalue, eachchild, eachleaf are vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed while the C iterator is still running. When control returns from the block, the iterator rea...
GHSA-9PPP-W3G4-FH4Q Oj: Use-After-Free in Oj::Doc Iterators via Reentrant Close
Summary Oj::Doc iterators eachvalue, eachchild, eachleaf are vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed while the C iterator is still running. When control returns from the block, the iterator rea...
GHSA-3M6Q-JJ5J-38C9 Oj: Stack Buffer Overflow in Oj::Doc#each_child via Deeply Nested Input
Summary Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process. This is a denial of service reachable from untrusted JSON. Details Two-step chain in ext/oj/fast.c: 1. doceachchild line 1501 increments doc-where pas...
PT-2026-51067
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.3 Description When Oj::Doceach child is invoked recursively over a deeply nested JSON document, it can cause a fixed-size stack buffer overflow, leading to a denial of service DoS that aborts the process. This occurs...
Oj - Stack Buffer Overflow in Oj::Doc#each_child via Deeply Nested Input
Summary Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process. This is a denial of service reachable from untrusted JSON. Impact Reliable denial of service: any endpoint that calls Oj::Doc.openuntrusted |d|...
PT-2026-51083
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj::Doc iterators each value, each child, each leaf are subject to a heap use-after-free. This occurs when a Ruby block yielded during iteration calls doc.close or d.close, causing the document's heap...
CVE-2025-71290 misc: ti_fpc202: fix a potential memory leak in probe function
In the Linux kernel, the following vulnerability has been resolved: misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is automatically released when the loop scope ends...
EUVD-2022-55503
Malicious code in bioql PyPI...
EUVD-2025-30844
Malicious code in bioql PyPI...
SUSE CVE-2025-39882
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: fix potential OF node use-after-free The foreachchildofnode helper drops the reference it takes to each node as it iterates over children and an explicit ofnodeput is only needed when exiting the loop early. Drop th...
UBUNTU-CVE-2025-39882
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: fix potential OF node use-after-free The foreachchildofnode helper drops the reference it takes to each node as it iterates over children and an explicit ofnodeput is only needed when exiting the loop early. Drop th...
DEBIAN-CVE-2022-50249
In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in ofgetddrtimings We should add the ofnodeput when breaking out of foreachchildofnode as it will automatically increase and decrease the refcount...
CVE-2022-50249 memory: of: Fix refcount leak bug in of_get_ddr_timings()
In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in ofgetddrtimings We should add the ofnodeput when breaking out of foreachchildofnode as it will automatically increase and decrease the refcount...
Linux Distros Unpatched Vulnerability : CVE-2022-50121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3r5clusterofinit Every iteration of...
kernel: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init
In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3r5clusterofinit Every iteration of foreachavailablechildofnode decrements the reference count of the previous node. When breaking early from a foreachavailablechildofnode loop, we need to...
kernel: Bluetooth: fix use-after-free in device_for_each_child()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in deviceforeachchild Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in deviceforeachchild+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/498...
UBUNTU-CVE-2024-58034
In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegraemcfindnodebyramcode As offindnodebyname release the reference of the argument device node, tegraemcfindnodebyramcode releases some device nodes while still in use,...
UBUNTU-CVE-2022-49351
In the Linux kernel, the following vulnerability has been resolved: net: altera: Fix refcount leak in alteratsemdiocreate Every iteration of foreachchildofnode decrements the reference count of the previous node. When break from a foreachchildofnode loop, we need to explicitly call ofnodeput on t...