66476 matches found
libsndfile: integer overflow in ima_reader_init()
A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...
lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()
...
Astra Linux - уязвимость в u-boot
An integer overflow occurs in the ext4fsreadsymlink function in Das U-Boot before version 2025.01-rc1. This issue arises due to the use of the zalloc function, which adds one to a le32 variable. This occurs through a crafted ext4 file system with an inode size of 0xffffffff. As a result, the mall...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: crypto: cavium – prevents integer overflow during firmware loading The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s probably very little you can do to protect yourself. Nevertheless, ...
Astra Linux - уязвимость в ffmpeg
An integer overflow vulnerability exists in the function filter16roberts in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow The current implementation cannot configure more than 32 pins due to an incorrect data type. Therefore, type casting using unsigned long is used to avoid this issue...
Astra Linux - уязвимость в sox
A issue was discovered in libsox.a within SoX 14.4.2. In sox-fmt.h, within the startread function, there is an integer overflow in the result of integer addition with a wrap around to 0 passed into the lsxcalloc macro that wraps around to malloc. When a NULL pointer is returned, it is used withou...
Astra Linux - уязвимость в libstb
It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...
Astra Linux – Vulnerability in libstb
STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...
Astra Linux - уязвимость в freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue only affects clients. An integer underflow can lead to a Denial of Service DOS vulnerability, for example, an abort due to WINPRASSERT with default compilation flags. When an...
Astra Linux - уязвимость в apache2
If LimitXMLRequestBody is set to allow request bodies larger than 350MB default is 1MB on 32-bit systems, an integer overflow may occur, which can lead to out-of-bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier versions...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...
Astra Linux - уязвимость в exiv2
In Exiv2 through 0.27.1, a vulnerability in CiffDirectory::readDirectory allows for integer overflow and out-of-bounds reads. This vulnerability enables an attacker to cause a denial of service SIGSEGV by using a crafted CRW image file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions A vulnerability was identified where the operating system can pass in U32MAX as the size of SQ/RQ/SRQ. This can lead to integer overflow and truncation of the SQ/RQ/SRQ depth values...
Astra Linux – Vulnerability in ffmpeg
An integer overflow vulnerability exists in the function filter16sobel in libavfilter/vfconvolution.c within Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...
Astra Linux - уязвимость в openldap
An integer underflow was discovered in OpenLDAP before version 2.4.57, which led to slapd crashes during the Certificate Exact Assertion processing, resulting in a denial of service schemainit.c serialNumberAndIssuerCheck...
Astra Linux - уязвимость в linux, linux-5.10
An integer overflow or wrap-around vulnerability exists in the OpenEuler kernel on Linux file system modules, allowing for forced integer overflow. This issue affects the OpenEuler kernel, starting from version 4.19.90, up to and including version 4.19.90-2401.3, as well as versions 5.10.0-60.18....
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the truncation of the regbuf vector size. There is a report that ioestimatebvecsize truncates the calculated number of segments, leading to corruption issues. Ensure that the “int” variables used later do not...
Astra Linux - уязвимость в git
Git is a distributed revision control system. The gitattributes command allows for the definition of attributes for certain file paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be applie...
Astra Linux - уязвимость в firefox, thunderbird, expat
Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...