40 matches found
Astra Linux - уязвимость в u-boot
A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: nfsreadlinkreply...
Astra Linux - уязвимость в u-boot
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem...
EUVD-2019-5443
Malware in sbrugna...
EUVD-2019-7793
Malware in sbrugna...
EUVD-2019-5450
Malware in sbrugna...
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.
...
CVE-2019-17389
In RIOT 2019.07, the MQTT-SN implementation asymcute mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker via a large packet to prevent a RIOT MQTT-SN client from working until the device is restarted...
CVE-2019-17389
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors during a UDP read, causing the receive loop to terminate. This can allow an attacker to disrupt a RIOT MQTT-SN client by sending a large packet, preventing operation until the device is restarted. (CVE-2019-17389)
CVE-2019-16754
RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation asymcute, potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message an...
Null pointer dereference
RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation asymcute, potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message an...
CVE-2019-16754
CVE-2019-16754 affects RIOT as of 2019.07, describing a NULL pointer dereference in the MQTT-SN (asymcute) implementation that can crash a network node. Exploitation requires spoofing a MQTT server response and knowledge of the MQTT MsgID for a pending message, the ephemeral port used by RIOT’s M...
Information disclosure
In the TCP implementation gnrctcp in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transportlayer/tcp/gnrctcpoption.c has an infinite loop for an unknown zero-length option...
CVE-2019-15702
CVE-2019-15702 affects RIOT OS GNRC TCP: the TCP options parser (gnrc_tcp_option.c) does not terminate on all inputs, causing an infinite loop for an unknown zero-length option and leading to denial-of-service in RIOT implementations up to 2019.07. The issue is a logic error in parsing TCP option...
CVE-2019-15134
RIOT through 2019.07 contains a memory leak in the TCP implementation gnrctcp, allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to receive in sys/net/gnrc/transportlayer/tcp/gnrctcpeventloop.c...
CVE-2019-15134
CVE-2019-15134 affects RIOT OS (GNRC TCP) up through 2019.07. The issue is a memory leak in the TCP implementation (gnrc_tcp) triggered in _receive within sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c when an ACK is received before a SYN. This can cause unbounded memory consumption for ne...
CVE-2019-15134
RIOT through 2019.07 contains a memory leak in the TCP implementation gnrctcp, allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to receive in sys/net/gnrc/transportlayer/tcp/gnrctcpeventloop.c...
DEBIAN-CVE-2019-13106
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution...
CVE-2019-13105
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem...
CVE-2019-13106
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution...
PT-2019-13130 · Denx Software Engineering +2 · Das U-Boot +2
Name of the Vulnerable Software and Affected Versions: Das U-Boot versions 2016.09 through 2019.07-rc4 Description: The issue arises when Das U-Boot attempts to read a crafted ext4 filesystem, leading to a stack buffer overflow due to excessive data being memset. This overflow could potentially...