CVE-2024-11614 – DPDK: denial of service from malicious guest on hypervisors using DPDK vhost library
https://notcve.org/view.php?id=CVE-2024-11614
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
• https://access.redhat.com/security/cve/CVE-2024-11614
• https://bugzilla.redhat.com/show_bug.cgi?id=2327955
• http://www.openwall.com/lists/oss-security/2024/12/17/3
• CWE-125: Out-of-bounds Read
CVE-2024-56317
https://notcve.org/view.php?id=CVE-2024-56317
., a denial of service.
• https://github.com/project-chip/connectedhomeip/issues/36535
• CWE-281: Improper Preservation of Permissions
CVE-2024-56318
https://notcve.org/view.php?id=CVE-2024-56318
In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.
• https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b
• https://github.com/project-chip/connectedhomeip/issues/36750
• https://github.com/project-chip/connectedhomeip/pull/36751
• CWE-476: NULL Pointer Dereference
CVE-2024-56319
https://notcve.org/view.php?id=CVE-2024-56319
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion).
• https://github.com/project-chip/connectedhomeip/commit/e3277eb02ed8115de5887e8beca0e35007ba71f3
• https://github.com/project-chip/connectedhomeip/issues/36760
• https://github.com/project-chip/connectedhomeip/pull/36843
• CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2024-54677 – Apache Tomcat: DoS in examples web application
https://notcve.org/view.php?id=CVE-2024-54677
Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
• https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n
• http://www.openwall.com/lists/oss-security/2024/12/17/5
• http://www.openwall.com/lists/oss-security/2024/12/17/6
• CWE-400: Uncontrolled Resource Consumption