OESA-2025-1919 polkit security update

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. Security Fixes: A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggere...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the XML parsing process. An attacker can cause a crash by providing a specially crafted MTLX file with deeply nested nodegraph elements, leading to stack exhaustion during recursive parsing. Remediation...

SUSE-SU-2025:02527-1 Security update for polkit

This update for polkit fixes the following issues: - CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472...

Security update for polkit

This update for polkit fixes the following issues: CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. bsc1246472 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

AZL-65379 CVE-2025-7519 affecting package polkit for versions less than 0.119-4

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...

Denial Of Service (DoS)

com.nimbusds:nimbus-jose-jwt is vulnerable to Denial Of Service DoS. The vulnerability is due to uncontrolled recursion due to lack of validation on JSON object nesting depth in JWT claim sets, allowing remote attackers to exhaust system resources with deeply nested structures...

CVE-2025-53864

Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2i...

Exploit for Uncontrolled Resource Consumption in Oracle Mysql_Cluster

CVE-2025-21574-Exploit Key Features of this Black-Box Exploi...

kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning

A flaw incorrect memory access in the Linux kernel Mellanox network Ethernet or RDMA device driver was found. A local user could use this flaw to crash the system...

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

CVE-2025-52999

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly...

CVE-2025-52999 jackson-core Has Potential for StackoverflowError if user parses an input file that contains very deeply nested data

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly...

protobuf: StackOverflow vulnerability in Protocol Buffers

A flaw was found in Protocol Buffers protobuf. This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion...

kernel: lib: objagg: Fix general protection fault

linux kernel's lib objagg can incorrectly permit object nesting in an unallowed circumstance, based on lack of appropriate checks stemming from assumption violations. The incorrect object creation from this assumption can lead to general protection fault...

CVE-2025-23163

CVE-2025-23163 relates to a Linux kernel issue in VLAN handling: net: vlan: don't propagate flags on open. The root cause is a possible deadlock when opening VLAN devices due to the device instance lock, where a task may try to acquire dev->lock while already holding it (seen in dev_open + dev...

SUSE CVE-2023-53020

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

DEBIAN-CVE-2023-53020

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

RockyLinux 9 : grafana (RLSA-2024:9473)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9473 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-3415...

AZL-58641 CVE-2024-8176 affecting package expat for versions less than 2.6.4-1

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

DEBIAN-CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...