RESTEasy: Caching routes in RootNode may result in DoS

A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service...

DEBIAN-CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

ALPINE-CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

UBUNTU-CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

oxenstored: permissions not checked on root node

ISSUE DESCRIPTION In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged guests can get and modify...

Xen Permission License and Access Control Issues Vulnerability

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen through version 4.14.x suffers from a...

RESTEasy: Caching routes in RootNode may result in DoS

A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service...

CVE-2019-19036

btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcudereferenceroot-node can be zero...

CVE-2019-19036

btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcudereferenceroot-node can be zero...

UBUNTU-CVE-2019-19036

btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcudereferenceroot-node can be zero...

Linux kernel null pointer dereference vulnerability (CNVD-2019-42385)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A null pointer dereference vulnerability exists in btrfsrootnode in fs/btrfs/ctree.c in Linux kernel 5.3.12 and...

DEBIAN-CVE-2018-14612

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfsreadblockgroups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks i...

Linux kernel invalid pointer dereference vulnerability (CNVD-2018-24481)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'btrfsrootnode' function in Linux kernel version 4.17.10 and earlier. An attacker can exploit this vulnerability to cause a deni...

Code injection

OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service kernel panic by mounting a tmpfs with a VNOVAL in the 1 username, 2 groupname, or 3 device name of the root node...