Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-17 | CVE-2024-41009 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer counter to show which logical position the consumer consumed the data, and producer_pos which is the producer counter denoting the amount of data reserved by all producers. Each time a record is reserved, the producer that "owns" the record will successfully advance producer counter. | 5.5 |
2024-07-11 | CVE-2024-38534 | Allocation of Resources Without Limits or Throttling vulnerability in Oisf Suricata Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
2024-07-11 | CVE-2024-38535 | Allocation of Resources Without Limits or Throttling vulnerability in Oisf Suricata Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
2024-07-09 | CVE-2024-31314 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. | 5.5 |
2024-07-05 | CVE-2024-39472 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions. | 5.5 |
2024-07-05 | CVE-2024-39474 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but it presents a conflict with commit dd544141b9eb ("vmalloc: back off when the current task is OOM-killed"). | 5.5 |
2024-07-05 | CVE-2024-39477 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vma_add_reservation upon ENOMEM sysbot reported a splat [1] on __unmap_hugepage_range(). | 5.5 |
2024-07-05 | CVE-2024-39478 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations. | 5.5 |
2024-07-05 | CVE-2024-39482 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache set. | 5.5 |
2024-07-05 | CVE-2024-39484 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y. | 5.5 |