CVE-2024-1151

MEDIUM Year: 2024
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-121
View all →

Vulnerability Description

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.

Related Vulnerabilities

CVE-2018-1071

MEDIUM
CVSS:5.5(Medium)

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.

CWE-1212018

CVE-2019-10974

MEDIUM
CVSS:5.5(Medium)

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code.

CWE-1212019

CVE-2022-2078

MEDIUM
CVSS:5.5(Medium)

A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of se...

CWE-1212022

CVE-2022-38672

MEDIUM
CVSS:5.5(Medium)

In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

CWE-1212022

CVE-2022-38750

MEDIUM
CVSS:5.5(Medium)

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the pars...

CWE-1212022

CVE-2022-39106

MEDIUM
CVSS:5.5(Medium)

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

CWE-1212022