CVE-2022-48939

LOW Year: 2022
CVSS v3 Score
3.3
Low
Weakness Type
CWE-834
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hung in rcu_barrier Nothing prevents batch ops to process huge amount of data, we need to add schedule points in them. Note that maybe_wait_bpf_programs(map) calls from generic_map_delete_batch() can be factorized by moving the call after the loop. This will be done later in -next tree once we get this fix merged, unless there is strong opinion doing this optimization sooner.

Related Vulnerabilities

CVE-2016-7421

MEDIUM
CVSS:4.4(Medium)

The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by ...

CWE-8342016

CVE-2021-0687

MEDIUM
CVSS:5.0(Medium)

In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is ne...

CWE-8342021

CVE-2017-12587

HIGH
CVSS:8.8(High)

ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.

CWE-8342017

CVE-2017-11188

HIGH
CVSS:7.5(High)

The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

CWE-8342017

CVE-2017-11409

HIGH
CVSS:7.5(High)

In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.

CWE-8342017

CVE-2018-11813

HIGH
CVSS:7.5(High)

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.

CWE-8342018