4003 matches found
SUSE CVE-2023-30456
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...
DEBIAN-CVE-2023-30456
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...
AZL-26046 CVE-2023-30456 affecting package kernel for versions less than 5.15.107.1-2
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...
UBUNTU-CVE-2023-30456
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...
Design/Logic Flaw
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...
CVE-2023-30456
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from a security issue in arch/x86/kvm/vmx/nested.c, where nVMX on x86_64 lacks consistency checks for CR0 and CR4...
kernel security and bug fix update
An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel packages contain the Linux kernel, the core of any Linux...
CVE-2020-36691
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference...
Denial Of Service (DoS)
net.minidev:json-smart is vulnerable to Denial of Service (DoS). The vulnerability exists because there are no nesting depth checks for deeply nested JSON arrays or objects, which allows an attacker to crash the application via a malicious array with deeply nested elements...
CVE-2020-36691
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference...
GHSA-493P-PFQ6-5258 json-smart Uncontrolled Recursion vulnerability
Impact: Affected versions of net.minidev:json-smart are vulnerable to Denial of Service (DoS) due to a StackOverflowError when parsing a deeply nested JSON array or object. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered tha...
Stack overflow
Json-smart is a performance-focused JSON processor library. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-45869)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-45869 advisory. - A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause...
OESA-2023-1163 snakeyaml security update
SnakeYAML is a YAML parser and emitter for the Java Virtual Machine. YAML is a data serialization format designed for human readability and interaction with scripting languages. Security Fixes: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missi...
OESA-2023-1162 snakeyaml security update
SnakeYAML is a YAML parser and emitter for the Java Virtual Machine. YAML is a data serialization format designed for human readability and interaction with scripting languages. Security Fixes: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missi...
OESA-2023-1165 snakeyaml security update
SnakeYAML is a YAML parser and emitter for the Java Virtual Machine. YAML is a data serialization format designed for human readability and interaction with scripting languages. Security Fixes: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missi...
USN-5962-1 linux-intel-iotg vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execut...
Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-5962-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5962-1 advisory. It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...
golang: encoding/gob: stack exhaustion in Decoder.Decode
A flaw was found in golang. When calling Decoder.Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...