1406 matches found
[SECURITY] [DLA 2085-1] zlib security update
Package : zlib Version : 1:1.2.8.dfsg-2+deb8u1 CVE ID : CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointe...
Ubuntu: Security Advisory (USN-4246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4246-1: zlib vulnerabilities
It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...
USN-4246-1 zlib vulnerabilities
It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...
The vulnerability of the rds_tcp_kill_sock() function in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the rdstcpkillsock function in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability in the `fs/btrfs/volumes.c` function of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the fs/btrfs/volumes.c function in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure due to incorrect processing of finddevice...
EulerOS 2.0 SP5 : zlib (EulerOS-SA-2019-2704)
According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.CVE-2016-984...
PT-2019-4482
Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1 through 1.1.1d OpenSSL versions 1.0.2 through 1.0.2t Description The issue is related to an overflow bug in the x64 64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are...
CVE-2018-3983
An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...
The vulnerability of the sbrDecodeSingleFramePS function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to cause a service failure.
The vulnerability of the sbrDecodeSingleFramePS function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the bounds of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a syste...
The vulnerability of the hf_assembly function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.
The vulnerability of the hfassembly function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the boundaries of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a system failur...
The vulnerability of the nbd_genl_status function in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the nbdgenlstatus function drivers/block/nbd in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially created application...
The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems, related to pointer arithmetic errors, allows a hacker to cause a service failure.
The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to cause service failures...
The vulnerability of the gpg data encryption tool from the gnupg package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.
The vulnerability of the gpg data encryption tool from the gnupg package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to trigger a service failure, by passing a specially crafted file as an argument to the command line...
The vulnerability of the __strlen_sse2_pminub function in the infotocap utility from the ncurses-bin package allows a hacker to cause a service failure.
The vulnerability of the strlensse2pminub function located in the file sysdeps/x8664/multiarch/strlen-sse2-pminub.S:39 in the infotocap utility from the ncurses-bin package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to cause a system failure ...
The vulnerability in the implementation of the NFS protocol in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the NFS protocol implementation in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the syntax analysis procedure for Python interpreter certificates allows attackers to trigger a service failure.
The vulnerability of the syntax analysis procedure for Python interpreter certificates is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...
The vulnerability of Linux operating system kernels, related to pointer arithmetic that goes beyond the allowed values, allows attackers to execute attacks through side channels.
The vulnerability of Linux operating systems’ kernels kernel/bpf/verifyier.c is related to an offset out of bounds. Exploiting this vulnerability could allow an attacker to execute attacks through secondary channels...
The vulnerability of the lnstat network statistics collection program lies in the lack of checks for the correctness of mathematical operations, which allows a perpetrator to trigger a service failure.
The vulnerability of the lnstat network statistics collection program is related to the lack of checks for the correctness of mathematical operations. Exploiting this vulnerability could allow an attacker to cause the program to terminate abnormally due to a SIGFPE signal, caused by attempting to...
USN-4001-1 libseccomp vulnerability
Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system calls...