22 matches found
Regular Expression Denial of Service (ReDoS)
Overview linkify-it is a Links recognition library with FULL unicode support Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to quadratic algorithmic complexity in the match function. An attacker can exhaust CPU resources and cause significant...
CVE-2026-53120
In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...
EUVD-2026-38986
In the Linux kernel, the following vulnerability has been resolved: vdpa: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause...
CVE-2026-53118
In the Linux kernel CVE-2026-53118, the issue is in the vdpa path where, during __driver_attach(), the bus' match() is invoked without holding the device lock, exposing the driver_override field to a use-after-free. The root cause is missing synchronization when accessing driver_override during p...
CVE-2026-53115
In the Linux kernel, CVE-2026-53115 affects the bus: fsl-mc driver where, during driver probing via __driver_attach(), the bus match() callback could access the driver_override field without holding the device lock, creating a use-after-free risk. The fix uses the driver-core driver_override infr...
PT-2026-52011
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the s390/cio component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock...
PT-2026-52009
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the fsl-mc bus. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This lead...
PT-2025-13342 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential spectre v1 gadget in the fib metrics match function has been resolved. The issue arises from the use of the type variable as an array index, which could lead to cpu...
Denial Of Service (DoS)
tiff is vulnerable to denial of service DoS. The vulnerability exists as a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be use...
Design/Logic Flaw
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check...
CVE-2019-11413
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check...
CVE-2017-16231
DISPUTED In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack th...
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...
CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
CVE-2015-8382
The match function in pcreexec.c in PCRE before 8.37 mishandles the /?:abcd|?:?:?:?:abc|?:abcdefbabcdefghiabc|ACCEPT/ pattern and related patterns involving ACCEPT, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service partially initialized...