Denial Of Service (DoS)

qemu is vulnerable to denial of service. The vulnerability exists due to a flaw that allows an attacker to trigger infinite recursion via a crafted mmindex value during an atimmread or atimmwrite call...

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite) causing stack consumption in NTFS-3G < 2021.8.22.

...

Denial Of Service

wireshark:sid is vulnerable to denial of service attacks.Uncontrolled Recursion in the Bluetooth DHT dissector allows denial of service via packet injection or crafted capture file...

MGASA-2021-0528 Updated hivex packages fix security vulnerability

Fixes limit recursion in ri-records. CVE-2021-3622...

Updated hivex packages fix security vulnerability

Fixes limit recursion in ri-records. CVE-2021-3622...

SUSE: Security Advisory (SUSE-SU-2021:3854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3854-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service bsc1092945. - CVE-2018-13988: Added an improper implementation check which otherwise could allow buffer overflows, memory corruption, an...

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

...

Security update for poppler (important)

openSUSE Security Update: Security update for poppler Announcement ID: openSUSE-SU-2021:3854-1 Rating: important References: 1092945 1102531 1107597 1114966 1115185 1115186 1115187 1115626 1120495 1120496 1120939 1120956 1124150 1127329 1129202 1130229 1131696 1131722 1142465 1143950 1179163...

DNS Recursion Enabled (UDP) - Active Check

The DNS server has recursion enabled. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...

krb5 security update

1.15.1-51.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 1.15.1-51 - Fix KDC null deref on TGS inner body null server CVE-2021-37750 - Resolves: 1997599...

AZL-7416 CVE-2021-39929 affecting package wireshark for versions less than 3.4.14-1

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

Design/Logic Flaw

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

CVE-2021-39929

CVE-2021-39929 affects the Bluetooth DHT dissector in Wireshark, causing Denial of Service via packet injections or crafted capture files for Wireshark 3.4.0–3.4.9 and 3.2.0–3.2.17 due to uncontrolled recursion. Remediation is upgrading Wireshark to a fixed version (e.g., 3.4.10+ per Debian/Alt L...

PT-2021-5595 · Wireshark +5 · Wireshark +5

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.2.0 through 3.2.17 Wireshark versions 3.4.0 through 3.4.9 Description: The issue is caused by uncontrolled recursion in the Bluetooth DHT dissector. This can be exploited by a remote attacker to cause a denial of service ...

edk2: unlimited FV recursion, round 2

A flaw was found in edk2. An unlimited recursion in DxeCore may allow an attacker to corrupt the system memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

PYSEC-2021-820

TensorFlow is an open source platform for machine learning. In affected versions the code behind tf.function API can be made to deadlock when two tf.function decorated Python functions are mutually recursive. This occurs due to using a non-reentrant Lock Python object. Loading any model which...

PYSEC-2021-820

TensorFlow is an open source platform for machine learning. In affected versions the code behind tf.function API can be made to deadlock when two tf.function decorated Python functions are mutually recursive. This occurs due to using a non-reentrant Lock Python object. Loading any model which...

PYSEC-2021-622

TensorFlow is an open source platform for machine learning. In affected versions the code behind tf.function API can be made to deadlock when two tf.function decorated Python functions are mutually recursive. This occurs due to using a non-reentrant Lock Python object. Loading any model which...

PYSEC-2021-405

TensorFlow is an open source platform for machine learning. In affected versions the code behind tf.function API can be made to deadlock when two tf.function decorated Python functions are mutually recursive. This occurs due to using a non-reentrant Lock Python object. Loading any model which...