206 matches found
PYSEC-2026-1048 Segfault if `tf.histogram_fixed_width` is called with NaN values in TensorFlow
Impact The implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain NaN elements: python import tensorflow as tf import numpy as np tf.histogramfixedwidthvalues=np.nan, valuerange=1,2 The implementation assumes that all floating point operations are defined...
CVE-2026-54904
A flaw was found in concurrent-ruby. A remote attacker could exploit a vulnerability in the Concurrent::AtomicReferenceupdate method, which can enter a permanent busy retry loop. This occurs when the current value is a special 'Not a Number' Float::NAN floating-point value, causing the method to...
Linux Distros Unpatched Vulnerability : CVE-2026-54904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current...
CVE-2026-54904
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...
CVE-2026-54904
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...
CVE-2026-54904 concurrent-ruby: `AtomicReference#update` livelocks when the stored value is `Float::NAN`
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...
CVE-2026-54904
Technical details for CVE-2026-54904 are not publicly available in the provided documents. No affected versions, root cause, or fixes are described beyond the initial entry. Monitor for updates.
CVE-2026-54235
vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...
CVE-2026-54235
Summary: CVE-2026-54235 affects vLLM prior to 0.23.1rc0, where temperature validation gates using can silently mis-handle NaN and positive Infinity due to Python IEEE 754 behavior. This allows non-finite temperatures to bypass guards and propagate to GPU sampling kernels, causing undefined behav...
CVE-2026-54235 vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels
vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...
GHSA-H8W8-99G7-QMVJ Concurrent Ruby : `AtomicReference#update` livelocks when the stored value is `Float::NAN`
Summary Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between: - AtomicReferenceupdate, which retries until compareandsetoldvalue, newvalue succeeds. - Numeric compareandset, which checks old ==...
PT-2026-51090
Name of the Vulnerable Software and Affected Versions concurrent-ruby versions prior to 1.3.7 Description The Concurrent::AtomicReferenceupdate function can enter a permanent busy retry loop when the current value is Float::NAN. This occurs due to the interaction between AtomicReferenceupdate,...
Concurrent Ruby - `AtomicReference#update` livelocks when the stored value is `Float::NAN`
Summary Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between: - AtomicReferenceupdate, which retries until compareandsetoldvalue, newvalue succeeds. - Numeric compareandset, which checks old ==...
GHSA-7H4P-RFFG-7823 vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels
Summary All temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce undefined behavior or CUDA errors tha...
vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels
Summary All temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce undefined behavior or CUDA errors tha...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fixed a typographical error in the frequency notification. The NAN notification refers to a frequency of 5745 MHz, which corresponds to channel 149, not 5475—which is not a valid channel at all. This could le...
kernel: wifi: mac80211_hwsim: fix typo in frequency notification
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
kernel: wifi: mac80211_hwsim: fix typo in frequency notification
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...
imageproc: Out-of-bounds read via NaN coordinates in bilinear/bicubic sampling
A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...
Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout
Apache Log4j's JsonTemplateLayout, in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. This may cause downstream log processing systems to reject or fail to ind...