ImageMagick: Multiple Vulnerabilities

Background ImageMagick is a software suite to create, edit, and compose bitmap images, that can also read, write, and convert images in many other formats. Description Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details...

CVE-2023-37335

Kofax Power PDF BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

Kofax Power PDF 安全漏洞

Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a BMP File Parsing out-of-bounds write remote code execution vulnerability...

kernel: blk-mq: fix IO hang from sbitmap wakeup race

A possible IO hang from sbitmap wakeup race was found in the Linux kernel. This may lead to compromised Availability...

[SECURITY] Fedora 39 Update: python-reportlab-4.2.0-1.fc39

This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats...

[SECURITY] Fedora 40 Update: python-reportlab-4.2.0-1.fc40

This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats...

SUSE CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

DEBIAN-CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

UBUNTU-CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851

CVE-2024-26851 concerns the Linux kernel netfilter nf_conntrack_h323 path. The issue arises when decoding H.323 ras messages: an abnormal skb->data can cause the extension bitmap length to exceed 32, leading to a length-based shift that may become negative and trigger UBSAN reports. The workar...

SUSE CVE-2024-26772

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...

SUSE CVE-2024-26773

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound Determine if the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to avoid allocating blocks from a group with a corrupted block...

SUSE CVE-2024-26774

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mbupdateavgfragmentsize when block bitmap corrupt Determine if bbfragments is 0 instead of determining bbfree to eliminate the risk of dividing by zero when the block bitmap is corrupted...

CVE-2024-26772

A vulnerability was found in the ext4mbfindbygoal function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap...

CVE-2024-26774

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mbupdateavgfragmentsize when block bitmap corrupt Determine if bbfragments is 0 instead of determining bbfree to eliminate the risk of dividing by zero when the block bitmap is corrupted...

CVE-2024-26773

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound Determine if the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to avoid allocating blocks from a group with a corrupted block...

DEBIAN-CVE-2024-26773

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound Determine if the group block bitmap is corrupted before using acbex in ext4mbtrybestfound to avoid allocating blocks from a group with a corrupted block...

DEBIAN-CVE-2024-26772

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...

DEBIAN-CVE-2024-26774

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mbupdateavgfragmentsize when block bitmap corrupt Determine if bbfragments is 0 instead of determining bbfree to eliminate the risk of dividing by zero when the block bitmap is corrupted...