Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the openvswitch module not freeing memory when handling nested actions, potentially leading to a memory leak...

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

Release Information for Proxmox Virtual Environment Plug-In v12.1.3.217

Update: 2025-03-19 Consider the following regarding the Proxmox Virtual Environment Plug-In: The Plug-in build on this page, 12.1.3.217, is included automatically when upgrading to or installing Veeam Backup & Replication 12.3.1. The Plug-in only needs to be manually deployed by customers still...

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.12 (RHSA-2025:1747)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1747 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

OESA-2025-1144 protobuf security update

Protocol Buffers a.k.a., protobuf are Google's language-neutral, platform-neutral, extensible mechanism for serializing structured data. You can find protobuf's documentation on the Google Developers site. Security Fixes: Any project that parses untrusted Protocol Buffers data containing an...

DEBIAN-CVE-2024-57257

A stack consumption issue in sqfssize in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting...

SUSE CVE-2024-7254

Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...

sqlparse: parsing heavily nested list leads to denial of service

A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse, where a recursion error may be triggered, which can lead to a denial of service...

PT-2025-10071

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug in the Linux kernel's KVM Kernel-based Virtual Machine implementation allows the guest's DR6 value to be clobbered when the guest modifies DR6 and then a fastpath VM-Exit occurs...

CVE-2023-20582

Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry PTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity...

CVE-2023-20582

Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry PTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVMs. When PAE paging is used, the bits 4:0 of the CR3 register are ignored, and thus VMRUN does not enforce a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation. Each attribute within a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo. Therefore, the size of such an attribute must be at least sizeofstruct...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Acquiring kvm-srcu when handling KVMSETVCPUEVENTS Acquire kvm-srcu when processing KVMSETVCPUEVENTS. When SMM mode is toggled, KVM will forcibly leave the nested VMX/SVM state. Leaving such a state also results in...

PT-2025-6395 · Amd · Sev-Snp

Name of the Vulnerable Software and Affected Versions: SEV-SNP affected versions not specified Description: The issue is related to the improper handling of invalid nested page table entries in the IOMMU, which may allow a privileged attacker to induce page table entry PTE faults. This could...

AMD Server Processor 安全漏洞

AMD Server Processor is a processor product for the server market from UltraMicro Semiconductor AMD that is primarily used in data centers, cloud computing, and high-performance computing. A security vulnerability exists in AMD Server Processor that stems from the improper handling of invalid...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-1190)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.CVE-2024-3415...

UBUNTU-CVE-2024-57949

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in itsirqsetvcpuaffinity The following call-chain leads to enabling interrupts in a nested interrupt disabled section: irqsetvcpuaffinity irqgetdesclock rawspinlockirqsave --- Disable...