157 matches found
net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove
...
CVE-2026-52947
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...
CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...
CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...
CVE-2026-52947
The CVE-2026-52947 issue affects the Linux kernel qrtr subsystem, specifically in qrtr_port_remove(), where the socket reference count is decremented via __sock_put() before the port is removed from the qrtr_ports XArray and before the RCU grace period elapses. This creates a race window where a ...
PT-2026-51841
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qrtr port remove function where the socket reference count is decremented using sock put before the port is removed from the qrtr ports XArray and before the RCU...
EUVD-2026-38446
Inefficient algorithmic complexity in Plug's nested-parameter decoder allows an unauthenticated remote attacker to cause denial of service. Plug.Conn.Query.decode/4 and Plug.Conn.Query.decodeeach/2 parse query strings and application/x-www-form-urlencoded request bodies. When a key contains many...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: The ability to repeatedly call sysmembarrier has been reduced. On some systems, sysmembarrier can be very expensive, causing overall slowdown in all processes. Therefore, a lock should be placed on the path to...
Astra Linux – Vulnerability in Puma
Puma is an HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted; it did not prevent new connections from being blocked by greedy persistent-connections that saturated all threads ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: schedext: The issue of starving the scxenable function under fair-class saturation has been fixed. During scxenable, the READY - ENABLED task switching loop changes the calling thread’s schedclass from fair to ext. Since fair has...
CVE-2026-8202
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
Zebra has Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer Poisoning
Summary A composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to permanently halt all new block discovery on a targeted node. The attack exploits three independent weaknesses in the gossip, syncer, and download subsystems — all...
CVE-2026-43392 sched_ext: Fix starvation of scx_enable() under fair-class saturation
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...
CVE-2026-43392
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the possibility that scxenable may be infinitely starved during fair class saturation, leading to syst...
CVE-2026-35526
Strawberry GraphQL is a library for creating GraphQL APIs. Prior to 0.312.3, Strawberry GraphQL's WebSocket subscription handlers for both the graphql-transport-ws and legacy graphql-ws protocols allocate an asyncio.Task and associated Operation object for every incoming subscribe message without...
Allocation of Resources Without Limits or Throttling
Overview strawberry-graphql is an A library for creating GraphQL APIs Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the WebSocket subscription handling process. An attacker can exhaust server resources by sending a large number of...
CVE-2021-28096
An issue was discovered in Stormshield SNS before 4.2.3 when the proxy is used. An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections...
CVE-2025-66560
Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...
Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write
A vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously written response chunks to be fully transmitted before proceeding. If the client connection is dropped during this waiting period, the...