Ocaml Integer Overflow Vulnerability

OCaml is a general-purpose programming language that emphasizes expressiveness and security. An integer overflow vulnerability exists in the camlbadeserialize function in byterun/bigarray.c in the standard library in Ocaml 4.06.0. A remote attacker could exploit this vulnerability via specially...

DEBIAN-CVE-2018-9838

The camlbadeserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrar...

OSEC-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution

Bug description The bigarray module in all recent ocaml versions is capable of reading in serialized marshalled objects from a external source which is often used for network operations and interprocess communication. byterun/bigarray.c Line 458 in ea60609 C b-data = malloceltsize numelts; A...

UBUNTU-CVE-2018-9838

The camlbadeserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrar...