766 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/vma: add giveuponoom option on modify/merge, use in uffd release Currently, if a VMA merge fails due to an OOM condition arising on commit merge or a failure to duplicate anonvma's, we report this so the caller can handle it...
CVE-2024-50285
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...
CVE-2024-53063
CVE-2024-53063: Linux kernel DVB minor management (dvbdev) allowed potential OOM via a static minor-tracker when CONFIG_DVB_DYNAMIC_MINORS is unset and device/register calls para-mismatch occurred. The patch adds explicit boundary guards in dvb_register_device and dvb_device_open to prevent out-o...
CVE-2024-53063 media: dvbdev: prevent the risk of out of memory access
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIGDVBDYNAMICMINORS is set or not. When not set, dvbregisterdevice won't che...
CVE-2024-53063
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIGDVBDYNAMICMINORS is set or not. When not set, dvbregisterdevice won't che...
CVE-2024-53063 media: dvbdev: prevent the risk of out of memory access
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIGDVBDYNAMICMINORS is set or not. When not set, dvbregisterdevice won't che...
CVE-2024-50285
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...
CVE-2024-50285
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...
CVE-2024-50285
CVE-2024-50285 affects ksmbd in the Linux kernel. The issue occurs when a client issues simultaneous SMB operations, which can exhaust memory via ksmbd_work_cache and cause an OOM. A patch adds a check against exceeding max credits, treating each SMB request as consuming at least one credit to pr...
CVE-2024-50285 ksmbd: check outstanding simultaneous SMB operations
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...
CVE-2024-52916
Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...
CVE-2024-52916
Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...
CVE-2024-52916
Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...
CVE-2024-52916
Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...
kernel: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with GFPNOFAIL commit a421ef303008 "mm: allow !GFPKERNEL allocations for kvmalloc" includes support for GFPNOFAIL, but it presents a conflict with commit dd544141b9eb...
CVE-2024-50263 fork: only invoke khugepaged, ksm hooks if no error
In the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in commit d24062914837 "fork: use mtdup to duplicate maple tree in dupmma...
Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...
CVE-2024-9676 Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...