ROS-20260608-73-0006
The vulnerability of the .NET software platform lies in the execution of a loop with an exit condition that is not met. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CVE-2026-43358
CVE-2026-43358 affects the Linux kernel's btrfs filesystem. The vulnerability is a missing RCU unlock in the error path of try_release_subpage_extent_buffer(), where rcu_read_lock() should be held before exiting the loop because an rcu_read_unlock() occurs past the loop. The issue was identified ...
PT-2026-39019
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A missing RCU (Read-Copy-Update) unlock in the error path of the try_release_subpage_extent_buffer function within the btrfs module can occur. This happens because an rcu_read_unlock call...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: The refcount leak in qmp_cooling_devices_register has been fixed. In every iteration of for_each_available_child_of_node, the reference count of the previous node is decremented. When exiting the...
CVE-2022-50641
In the Linux kernel, the following vulnerability has been resolved: HSI: omap_ssi: Fix refcount leak in ssi_probe. When returning or breaking early from a for_each_available_child_of_node loop, we need to explicitly call of_node_put on the child node to possibly release the node...
CVE-2025-66559 Taiko Alethia Pacaya inbox verification pointer corruption
Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox.verifyBatches (packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) advanced the local tid to whatever...
UBUNTU-CVE-2022-50582
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow. By using a ratio of delay to poll_enabled_time that is not integer, time_remaining underflows and does not exit the loop as expected. As delay could be derived from DT and poll_enabled_time is...
CVE-2022-50582
The CVE refers to the Linux kernel regulator core vulnerability (CVE-2022-50582) where a non-integer ratio of delay to poll_enabled_time can cause time_remaining to underflow and the loop not exit. The documented fix is to use a signed iterator so the loop exits when remaining time becomes negati...
CVE-2022-50520
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios. As comment of pci_get_class says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we...
EUVD-2022-55458
Malicious code in bioql PyPI...
ROS-20250911-07
A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to affect the integrity, availability, and confidentiality of protected information.
UBUNTU-CVE-2025-38671
In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout. Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...
CVE-2025-38671
CVE-2025-38671 affects the Linux kernel i2c: qup driver. Root cause: timeout handling only set a return value and did not exit the loop when a client keeps the bus active, enabling kernel hang (observed with PCA953x GPIO extender). Fix: change the logic to return via -ETIMEDOUT, jumping out of th...
CVE-2025-38671 i2c: qup: jump out of the loop in case of timeout
In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout. Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...
The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the execution of a loop with an unreachable exit condition, allowing a hacker to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the iwl_mvm_umac_scan_cfg_channels_v6_6g() function in the drivers/net/wireless/intel/iwlwifi/mvm/scan.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the function iwl_mvm_umac_scan_cfg_channels_v6_6g in the module drivers/net/wireless/intel/iwlwifi/mvm/scan.c of the Linux kernel is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failur...
The vulnerability of the Frame Iterator component in the Firefox web browser, related to the execution of a loop with an unreachable exit condition, allows attackers to compromise data integrity.
The vulnerability of the Frame Iterator component in the Firefox web browser is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to compromise data integrity...
ROS-20240918-05
A vulnerability in the net component of the Golang programming language is related to the execution of a loop with an inaccessible exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
UBUNTU-CVE-2024-44938
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG. When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...
The vulnerability of the decode_line_info function in the dwarf2.c component of the GNU Binutils development environment allows a hacker to induce a service failure.
The vulnerability of the decode_line_info function in the dwarf2.c component of the GNU Binutils development environment is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows an attacker to trigger a service failure using a specially created...