126 matches found
CVE-2025-59375
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing...
Linux Distros Unpatched Vulnerability : CVE-2025-38506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SN...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
SUSE CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
DEBIAN-CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
UBUNTU-CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
CVE-2025-38506
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...
PT-2025-33549
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc7.20250520.el9uek.rc1.x86 64 Description: The Linux kernel contained a flaw where the CPU could become locked up while setting per-page memory attributes during operation in kvm vm set mem attributes wi...
UBUNTU-CVE-2025-22091
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix pagesize variable overflow Change all variables storing mlx5umemmkcfindbestpgsz result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to register 4GB of memory that is...
CVE-2025-29917 Suricata decode_base64: signature can do large memory allocation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
AZL-59754 CVE-2025-22010 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer e.g. MR over 100GB is being allocated, it may require a considerable loop coun...
CVE-2025-22010
CVE-2025-22010 affects the Linux kernel’s RDMA/hns: fixes a soft lockup during BT page loop when allocating very large buffers (e.g., MR > 100GB). The vulnerable path occurs in hns_roce_hw_v2: hem_list_alloc_mid_bt, hns_roce_hem_list_request, hns_roce_mtr_create, alloc_mr_pbl, and hns_roce_reg...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference counting problem on large memory pages...
The vulnerability of the btrfs component of the Linux operating system’s kernel, related to writing beyond the memory boundaries, allows a hacker to trigger a service failure.
The vulnerability of the btrfs component in Linux operating systems relates to the copying of overly large compressed segments. The compressed length may be corrupted, resulting in a much larger amount of memory being allocated for the buffer. Exploiting this vulnerability can allow an attacker t...
DEBIAN-CVE-2024-40979
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix kernel crash during resume Currently during resume, QMI target memory is not properly handled, resulting in kernel crash in case DMA remap is not supported: BUG: Bad page state in process kworker/u16:54 pfn:36e8...
Apache 2.4.x < 2.4.54 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.54 advisory. - Denial of Service modsed: If Apache HTTP Server 2.4.53 is configured to do transformations with modsed in contexts where the...
CVE-2021-47170
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
CVE-2024-28180
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Mitigation Mitigation for this issue is either...