CVE-2024-35369

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...

UBUNTU-CVE-2024-35369

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...

CVE-2024-35369

In FFmpeg 6.1.1 (FFmpeg n6.1.1), the Speex decoder path avcodec/speexdec.c is affected by insufficient validation of certain parameters when parsing Speex extradata. The described issue can cause integer overflow conditions, potentially leading to undefined behavior or crashes during decoding. Th...

CVE-2024-35369

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...

CVE-2024-35369

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg version n6.1.1, which can be exploited by attackers to cause undefined behavior or a crash during decoding...

CVE-2024-41125 Out-of-bounds read in SNMP when decoding a string in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The...

PT-2024-29281 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG affected versions not specified Description: An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The issue exists in the...

CVE-2024-11706

A null pointer dereference may have inadvertently occurred in pk12util, and specifically in the SECASN1DecodeItemUtil function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox 133 and Thunderbird 133...

UBUNTU-CVE-2024-11704

A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. This vulnerability affects Firefox 133, Thunderbird 133, Firefox ESR 128.7,...

CVE-2017-11076

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder...

PT-2024-10578 · Qualcomm · Snapdragon +26

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue occurs on certain hardware revisions where VP9 decoding is hardware-accelerated. In these cases, the frame size is not correctly programmed in...

Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst

Posted by Ivan Fratric, Google Project Zero Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format starting from Apple A17 iOS / M3 macOS, decoding is done in hardware. However,...

SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

freerdp: out-of-bounds read

A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an out-of-bounds read. This issue occurs when the WCHAR string is read with twice the size it has and converted to UTF-8, base64 decoded. The string is only used to compare against the redirection server...

kernel: lz4: fix LZ4_decompress_safe_partial read out of bound

In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...

ALSA-2024:9456 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

CVE-2024-46954

An issue was discovered in decodeutf8 in base/gputf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal...

Updated libheif packages fix security vulnerability

In Libheif, insufficient checks in ImageOverlay::parse while decoding a HEIF file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. CVE-2024-41311...