16673 matches found
GHSA-996Q-PR4M-CVGQ pypdf has a possible infinite loop when processing TreeObject
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the children of a TreeObject, for example as part of outlines. Patches This has been fixed in pypdf==6.7.1. Workarounds If you cannot upgrade yet, consider applying the changes...
CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
UBUNTU-CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2026-23220
CVE-2026-23220 – Linux kernel ksmbd infinite loop fix : In ksmbd, when a signed SMB2 request fails verification, __process_request() triggers an error path that calls set_smb2_rsp_status() and resets next_smb2_rcv_hdr_off to zero. This loses the pointer to the next command in the chain, so is_cha...
CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2026-23217
In the Linux kernel, the following vulnerability has been resolved: riscv: trace: fix snapshot deadlock with sbi ecall If sbiecall.c's functions are traceable, echo "sbiecall:snapshot" /sys/kernel/tracing/setftracefilter may get the kernel into a deadlock. Functions in sbiecall.c are excluded fro...
Infinite loop
Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker ...
Infinite loop
Overview jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the...
AZL-77981 CVE-2026-27171 affecting package blosc 1.21.4-2
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
CVE-2026-27171
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
AZL-77990 CVE-2026-27171 affecting package clucene 2.3.3.4-38
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
ALPINE-CVE-2026-27171
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
AZL-78021 CVE-2026-27171 affecting package ogdi 4.1.1-3
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
DEBIAN-CVE-2026-27171
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
AZL-78179 CVE-2026-27171 affecting package rust 1.72.0-14
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
CVE-2026-27171
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...