SUSE SLES12 Security Update : libxml2 (SUSE-SU-2025:4104-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4104-1 advisory. - CVE-2025-9714: Fixed infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 - CVE-2025-8732: Fixed infinite...

Security Bulletin: Due to the use of Protobuf Pure-Python backend, IBM Watson Discovery Cartridge is vulnerable to corruption by exceeding the Python recursion limit

Summary IBM Watson Discovery Cartridge uses Protobuf Pure-Python backend for gRPC communication between the Python IOCR service and the Scala/Java pipeline components Vulnerability Details CVEID:CVE-2025-4565 DESCRIPTION: Any project that uses Protobuf Pure-Python backend to parse untrusted...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-9714: Fixed infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850 Patch...

SUSE-SU-2025:4104-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-9714: Fixed infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c bsc1249076 - CVE-2025-8732: Fixed infinite recursion in catalog parsing functions when processing malformed SGML catalog files bsc1247850...

Unity Linux 20.1070e Security Update: libxslt (UTSA-2025-990908)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990908 advisory. Uncontrolled recursion inXPath evaluationin libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPa...

Security Bulletin: IBM Storage Insights is vulnerable to weakness related to Apache Commons Lang

Summary Vulnerabilities in Apache Commons Lang may affect IBM Storage Insights which could allow uncontrolled recursion. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

EUVD-2025-150368

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftobjref: validate objref and objrefmap expressions Referencing a synproxy stateful object from OUTPUT hook causes kernel crash due to infinite recursive calls: BUG: TASK stack guard page was hit at 000000008bda5b8c...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2021-46195)

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2020-12243)

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service daemon crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...

Siemens SIMATIC S7-1500 Loop with Unreachable Exit Condition (CVE-2017-16932)

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504324...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2021-3997)

A flaw was found in systemd. An uncontrolled recursion in systemd- tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2019-19645)

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2022-27943)

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangleconst, as demonstrated by nm-new. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2020-8285)

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2020-28196)

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit. This plugin only works with Tenable.ot. Please visit...

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

RHEL 9 : kernel (RHSA-2025:21051)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21051 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eventpoll: Fix semi-unbounded...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient object reference validation and could lead to an infinite recursive crash...

kernel: afs: Fix lock recursion

In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afswakeupasynccall can incur lock recursion. The problem is that it is called from AFRXRPC whilst holding the -notifylock, but it tries to take a ref on the afscall struct in order to pass it to a work que...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...