1417 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-0740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted...
CVE-2025-21738 ata: libata-sff: Ensure that we cannot write outside the allocated buffer
In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSIIOCTLSENDCOMMAND ioctl with outlen set to 0xd42, SCSI command set to ATA16 PASS-THROUGH, ATA command set to ATANOP, and...
CVE-2024-57262
In barebox before 2025.01.0, ext4fsreadsymlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...
CVE-2024-57256
A flaw was found in Das U-Boot. This vulnerability allows an attacker to cause a memory overwrite via a crafted ext4 filesystem with an inode size of 0xffffffff, which can lead to code execution or system crash. Mitigation Mitigation for this issue is either not available or the currently availab...
CVE-2024-57255
A flaw was found in Das U-Boot. This vulnerability allows an attacker to cause a memory overwrite via a crafted SquashFS filesystem with an inode size of 0xffffffff, which can lead to code execution or system crash. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2024-57262
In barebox before 2025.01.0, ext4fsreadsymlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...
CVE-2024-57262
In barebox before 2025.01.0, ext4fsreadsymlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...
CVE-2024-57262
CVE-2024-57262 affects barebox prior to 2025.01.0. The flaw is in ext4fs_read_symlink, where a zalloc overflow (adding one to an le32) on a crafted ext4 filesystem with inode size 0xffffffff causes a malloc(0) and a subsequent memory overwrite. This yields a high-severity impact (memory corruptio...
Barebox 安全漏洞
Barebox is a versatile and flexible bootloader from the Barebox open source. A security vulnerability exists in Barebox versions prior to 2025.01.0, which stems from an integer overflow in ext4fsreadsymlink that results in a memory overwrite...
CVE-2024-57262
In barebox before 2025.01.0, ext4fsreadsymlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...
CVE-2024-57262
In barebox before 2025.01.0, ext4fsreadsymlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...
CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
CVE-2024-57256
An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
CVE-2024-57256
An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
DEBIAN-CVE-2024-57256
An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
UBUNTU-CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
UBUNTU-CVE-2024-57256
An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
SUSE CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
SUSE CVE-2024-57256
An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...