UBUNTU-CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest L2, possibly leading to a page fault and kernel panic in the host L0...

golang: encoding/gob: stack exhaustion in Decoder.Decode

A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

sqlite: Out of bounds access during table rename

An out-of-bounds read vulnerability was found in SQLite. This security flaw occurs when the ALTER TABLE for views has a nested FROM clause. This flaw allows an attacker to triage an out-of-bounds read and access confidential data successfully...

CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest L2, possibly leading to a page fault and kernel panic in the host L0...

CVE-2022-3344

CVE-2022-3344 is a vulnerability in the Linux kernel related to KVM AMD nested virtualization (SVM). The issue allows a malicious L1 guest to fail to intercept the shutdown of a cooperative nested L2 guest, which can cause a page fault and kernel panic on the host. Public sources in Connected doc...

PT-2022-6439 · Kvm +7 · Kvm +7

Name of the Vulnerable Software and Affected Versions: KVM affected versions not specified Description: A flaw was found in KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest L2, possibly leading to a page fault a...

CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest L2, possibly leading to a page fault and kernel panic in the host L0...

CVE-2022-3344

A flaw was found in the KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest L2, possibly leading to a page fault and kernel panic in the host L0. Mitigation This vulnerability can be mitigated by disabling the nest...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel has a security vulnerability that stems from a flaw discovered in the AMD nested virtualization SVM of KVM. A malicious L1 guest may intentionally not intercept the shutdown of a...

CVE-2022-42004

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

Vulnerability fixed in Cisco Jabber

Cisco has fixed a vulnerability in the Jabber clients for Windows, macOS, iOS and Android. A malicious party could potentially exploit the vulnerability to use nested XMPP messages to manipulate the behavior of the vulnerable client and thus potentially gain access to sensitive data or, as Cisco...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

jackson-databind: denial of service via a large depth of nested objects

A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects...

jackson-databind: denial of service via a large depth of nested objects

A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects...

Cisco Jabber 安全漏洞

Cisco Jabber is a unified communications client solution from Cisco. An input validation error vulnerability exists in Cisco Jabber Client Software versions prior to 14.1.3, which stems from improper handling of nested XMPP messages in requests sent to Cisco Jabber Client Software, and could be...