Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2024-07-17 CVE-2024-41009 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer counter to show which logical position the consumer consumed the data, and producer_pos which is the producer counter denoting the amount of data reserved by all producers. Each time a record is reserved, the producer that "owns" the record will successfully advance producer counter.
local
low complexity
linux CWE-770
5.5
2024-07-11 CVE-2024-38534 Allocation of Resources Without Limits or Throttling vulnerability in Oisf Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf CWE-770
7.5
2024-07-11 CVE-2024-38535 Allocation of Resources Without Limits or Throttling vulnerability in Oisf Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf CWE-770
7.5
2024-07-09 CVE-2024-31314 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion.
local
low complexity
google CWE-770
5.5
2024-07-05 CVE-2024-39472 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions.
local
low complexity
linux CWE-770
5.5
2024-07-05 CVE-2024-39474 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but it presents a conflict with commit dd544141b9eb ("vmalloc: back off when the current task is OOM-killed").
local
low complexity
linux CWE-770
5.5
2024-07-05 CVE-2024-39477 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vma_add_reservation upon ENOMEM sysbot reported a splat [1] on __unmap_hugepage_range().
local
low complexity
linux CWE-770
5.5
2024-07-05 CVE-2024-39478 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.
local
low complexity
linux CWE-770
5.5
2024-07-05 CVE-2024-39482 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache set.
local
low complexity
linux CWE-770
5.5
2024-07-05 CVE-2024-39484 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y.
local
low complexity
linux CWE-770
5.5