glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

Insyde InsydeH2O 缓冲区错误漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System.Insyde InsydeH2O is vulnerable to a buffer overflow A buffer overflow vulnerability exists in InsydeH2O, whi...

Qualcomm Qualcomm WIN TZ FW Buffer Error Vulnerability

Qualcomm WIN TZ FW is a Qualcomm Incorporated USA support firmware for use on processors. A security vulnerability exists in Qualcomm WIN TZ FW, which results in memory corruption due to a lack of checking the validation of buffer pointers passed to trustzone. The following products and versions...

xen security update

3.0.3-147.el5 - net: add checks to validate ring buffer pointers - Resolves: bz1263273 xen: qemu: Heap overflow vulnerability in ne2000receive function...