non-atomic modification of live EPT PTE

ISSUE DESCRIPTION When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially-written PTE to the hardware, which an attacker might be able ...

SUSE-SU-2020:0629-2 Security update for librsvg

This update for librsvg to version 2.42.8 fixes the following issues: librsvg was updated to version 2.42.8 fixing the following issues: - CVE-2019-20446: Fixed an issue where a crafted SVG file with nested patterns can cause denial of service bsc1162501. NOTE: Librsvg now has limits on the numbe...

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-1674)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

DEBIAN-CVE-2018-16848

A Denial of Service DoS condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

PYSEC-2020-240

A Denial of Service DoS condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

UBUNTU-CVE-2018-16848

A Denial of Service DoS condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

PT-2020-8565 · Openstack +1 · Openstack-Mistral +1

Name of the Vulnerable Software and Affected Versions: OpenStack Mistral versions up to and including 7.0.3 Description: A Denial of Service DoS condition is possible due to submitting a specially crafted workflow definition YAML file containing nested anchors, which can lead to resource...

DEBIAN-CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

ALPINE-CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

Integer overflow

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

CVE-2019-20815

An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested function calls for XML parsing...

CVE-2019-20819

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing...

CVE-2019-20819

CVE-2019-20819 affects Foxit Reader and PhantomPDF versions before 9.7. The vulnerability arises from nested function calls during XML parsing, causing stack exhaustion and potentially crashing the application. Remediation: upgrade to Foxit Reader/PhantomPDF 9.7 or newer. Other sources reiterate ...

CVE-2019-20815

An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested function calls for XML parsing...

CVE-2019-20815

Foxit PhantomPDF prior to 8.3.12 has a vulnerability where stack consumption can occur via nested function calls during XML parsing, potentially leading to a crash. Affected product: Foxit PhantomPDF (before 8.3.12). Root cause: stack exhaustion in XML parsing, as described in CVE-2019-20815. Imp...

Fedora 32 : perl-Email-MIME / perl-Email-MIME-ContentType (2020-22764f623f)

This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular...

UBUNTU-CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular...