Serenityos Security Vulnerabilities

CVE-2021-4327

A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the.....

CVE-2021-33185

SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive...

CVE-2021-33186

SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive...

CVE-2021-31272

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege...

CVE-2021-30045

SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read()...

CVE-2021-27343

SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsing RSA Key...

CVE-2021-28874

SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted...

CVE-2019-20172

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel...