Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2024-08-07 CVE-2024-42247 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swap_endian() tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned access to 0x55f4688c in wg_allowedips_insert_v6+0x2c/0x80 [wireguard] (iir 0xf3010df) Kernel: unaligned access to 0x55f46884 in wg_allowedips_insert_v6+0x38/0x80 [wireguard] (iir 0xf2010dc) Avoid such unaligned memory accesses by instead using the get_unaligned_be64() helper macro. [Jason: replace src[8] in original patch with src+8]
local
low complexity
linux CWE-770
5.5
2024-07-30 CVE-2024-42145 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extract packets from this list, the rate of extraction may not match the rate of incoming packets, leading to potential list overflow. To address this, we introduce a limit to the size of the list.
local
low complexity
linux CWE-770
5.5
2024-07-29 CVE-2024-42082 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from __xdp_reg_mem_model() syzkaller reports a warning in __xdp_reg_mem_model(). The warning occurs only if __mem_id_init_hash_table() returns an error.
local
low complexity
linux CWE-770
5.5
2024-07-22 CVE-2024-41132 Allocation of Resources Without Limits or Throttling vulnerability in Sixlabors Imagesharp
ImageSharp is a 2D graphics API.
network
low complexity
sixlabors CWE-770
7.5
2024-07-17 CVE-2024-41009 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer counter to show which logical position the consumer consumed the data, and producer_pos which is the producer counter denoting the amount of data reserved by all producers. Each time a record is reserved, the producer that "owns" the record will successfully advance producer counter.
local
low complexity
linux CWE-770
5.5
2024-07-11 CVE-2024-38534 Allocation of Resources Without Limits or Throttling vulnerability in Oisf Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf CWE-770
7.5
2024-07-11 CVE-2024-38535 Allocation of Resources Without Limits or Throttling vulnerability in Oisf Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf CWE-770
7.5
2024-07-09 CVE-2024-31314 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion.
local
low complexity
google CWE-770
5.5
2024-07-05 CVE-2024-39472 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions.
local
low complexity
linux CWE-770
5.5
2024-07-05 CVE-2024-39474 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but it presents a conflict with commit dd544141b9eb ("vmalloc: back off when the current task is OOM-killed").
local
low complexity
linux CWE-770
5.5