CVE-2024-56783

MEDIUM Year: 2024
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-617
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnecessary WARN_ON_ONCE which is reachable from userspace.

Related Vulnerabilities

CVE-2015-8745

MEDIUM
CVSS:5.5(Medium)

QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_...

CWE-6172015

CVE-2016-9388

MEDIUM
CVSS:5.5(Medium)

The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

CWE-6172016

CVE-2017-14649

MEDIUM
CVSS:5.5(Medium)

ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).

CWE-6172017

CVE-2017-15371

MEDIUM
CVSS:5.5(Medium)

There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an a...

CWE-6172017

CVE-2017-18169

MEDIUM
CVSS:5.5(Medium)

User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

CWE-6172017

CVE-2017-5981

MEDIUM
CVSS:5.5(Medium)

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.

CWE-6172017