Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GMP vulnerability (USN-5672-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5672-1 advisory. It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could...

The vulnerability of the Samba networking communication package, related to pointer arithmetic errors, allows a hacker to trigger a service failure.

The vulnerability of the Samba networking communication package is related to pointer arithmetic errors. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

USN-5672-1: GMP vulnerability

It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could possibly use this issue to cause applications using GMP to crash, resulting in a denial of service...

The vulnerability of InspIRCd, related to pointer assignment errors, allows a hacker to trigger a service failure.

The vulnerability of InspIRCd relates to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the scheduler daemon in UNIX-like operating systems, Cron, related to pointer arithmetic errors, allows a malicious actor to trigger a service failure.

The vulnerability of the Cron task scheduler in UNIX-like operating systems is related to pointer dereferencing errors. Exploiting this vulnerability allows a perpetrator to cause service failures...

Mistakenly use of arithmetic operation can lead to loss

Lines of code Vulnerability details Mistakenly use of arithmetic operation can lead to loss Description Calculating the values can somewhat correct to what you need but this is a great mistake of calculation which should be overcomed .Now why should this be overcomed? Since in Solidity, the order...

The vulnerability of the TIFFFetchStripThing() function in the tif_dirread.c component of the LibTIFF library allows a attacker to cause a service failure.

The vulnerability of the TIFFFetchStripThing function in the tifdirread.c component of the LibTIFF library is related to pointer arithmetic errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created TIFF file...

The vulnerability of the Samba networking communication package, related to pointer arithmetic errors, allows a hacker to trigger a service failure.

The vulnerability of the Samba networking communication package is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause service failures...

The vulnerability of the LibTIFF library, related to pointer dereferencing errors, allows attackers to trigger a service failure.

The vulnerability of the LibTIFF library is related to pointer arithmetic errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created TIFF file...

CVE-2022-38266

An issue in the Leptonica linked library v1.79.0 allows attackers to cause an arithmetic exception leading to a Denial of Service DoS via a crafted JPEG file...

Design/Logic Flaw

An issue in the Leptonica linked library v1.79.0 allows attackers to cause an arithmetic exception leading to a Denial of Service DoS via a crafted JPEG file...

OESA-2022-1904 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: Protobuf-c v1.4.0 was discovered to contain an invalid...

CVE-2022-38266

An issue in the Leptonica linked library v1.79.0 allows attackers to cause an arithmetic exception leading to a Denial of Service DoS via a crafted JPEG file...

Rounding error for low decimal token

Lines of code Vulnerability details Impact Some token has low decimal USDC has only 6, as a result, the rounding may introduce substantial error in stable pair calculation, causing wrong getAmountOut quote, at the end lead to fund loss in swap function. Malicious user can abuse the wrong quote to...

Miscalculation for cUSDT and cUSDC

Lines of code Vulnerability details Impact getUnderlyingPrice stated that it would return the underlying price of the assets as a mantissa scaled by 1e18. However, the arithmetic setup on lines 503 and 507 could result in answers not scaled by 1e18. Proof of Concept 1e18 1e18 / 10 decimals is...

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25658

CVE-2022-25658 is a memory corruption issue caused by incorrect pointer arithmetic when changing endianness in Qualcomm Snapdragon video parser code. Affected are Snapdragon families including Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, and Wearables. Root ca...

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

The vulnerability of the kvm_irq_delivery_to_apic_fast() function in the KVM virtualization subsystem of the Linux operating system allows a attacker to trigger a service failure.

The vulnerability of the kvmirqdeliverytoapicfast function in the KVM virtualization subsystem of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to trigger a service failure...