
109 matches found

Tenable Nessus
added 2016/07/11 12:0 a.m. | 88 views

openSUSE Security Update : glibc (openSUSE-2016-852)

This update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. bsc968787 - Do not copy d_name field of struct dirent. CVE-2016-1234, bsc969727 - Fix memory leak in _nss_dns_gethostbyname4_r. bsc973010 - Fix stack overflow in _nss_dns_getnetbyname_r. CVE-2016-3075, bsc973164 - Fix malloc...

7.5 CVSS | 6.8 AI score | 0.12185 EPSS
Exploits: 3 | References: 12

Exploit DB
added 2016/03/23 12:0 a.m. | 31 views

Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=715 The ActionScript parameter conversion in the fix for issue 403 https://code.google.com/p/google-security-research/issues/detail?id=403 can sometimes access a parameter on the native stack that is uninitialized. If: mc.swapDepth...

7.4 AI score
Exploits: 0

exploitpack
added 2016/03/23 12:0 a.m. | 13 views

Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix

Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=716 The ActionScript parameter conversion in the fix for an issue in the December Flash bulletin...

1.1 AI score
Exploits: 0

exploitpack
added 2016/03/23 12:0 a.m. | 15 views

Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix

Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=715 The ActionScript parameter conversion in the fix for issue 403 https://code.google.com/p/google-security-research/issues/detail?id=403 can...

1.1 AI score
Exploits: 0

Tenable Nessus
added 2016/02/19 12:0 a.m. | 77 views

openSUSE Security Update : glibc (openSUSE-2016-233)

This update for glibc fixes the following issues : - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex boo956716, BZ 17514 - reinitialize-dlloadwritelock.patch: Reinitialize dlloadwritelock on fork boo958315, BZ 19282 - send-dg-buffer-overflow.patch: Fix...

9.8 CVSS | 8.5 AI score | 0.93905 EPSS
Exploits: 18 | References: 13

Tenable Nessus
added 2016/02/18 12:0 a.m. | 48 views

FreeBSD : glibc -- getaddrinfo stack-based buffer overflow (2dd7e97e-d5e8-11e5-bcbd-bc5ff45d0f28)

Fabio Olive Leite reports : A stack-based buffer overflow was found in libresolv when invoked from nss_dns, allowing specially crafted DNS responses to seize control of EIP in the DNS client. The buffer overflow occurs in the functions send_dg (send datagram) and send_vc (send TCP) for the NSS module...

8.1 CVSS | 8.3 AI score | 0.93905 EPSS
Exploits: 17 | References: 8

seebug.org
added 2016/02/17 12:0 a.m. | 240 views

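glibc getaddrinfo Stack Buffer Overflow Vulnerability (CVE-2015-7547)

Vulnerability summary: Glibc is the C runtime library of the LIBC library released by GNU. Glibc is the lowest-level API on Linux systems, and almost every other runtime library depends on it. Besides wrapping the system services provided by the Linux operating system, Glibc also implements other essential services. Because Glibc covers nearly all common UNIX standards, it can be regarded as a key supporting library of the operating system. In Glibc, the DNS...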

6.8 CVSS | 8.3 AI score | 0.93905 EPSS
Exploits: 17

FreeBSD
added 2016/02/16 12:0 a.m. | 51 views

glibc -- getaddrinfo stack-based buffer overflow

Fabio Olive Leite reports: A stack-based buffer overflow was found in libresolv when invoked from nss_dns, allowing specially crafted DNS responses to seize control of EIP in the DNS client. The buffer overflow occurs in the functions send_dg (send datagram) and send_vc (send TCP) for the NSS module...

8.1 CVSS | 8.7 AI score | 0.93905 EPSS
Exploits: 17 | References: 4

Mageia
added 2016/01/12 9:13 a.m. | 23 views

Updated claws-mail packages fix security vulnerability

No bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc. A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for Japanese character set conversion called conv_jistoeuc has no bounds checking on the output buffer which is created on the...

7.5 CVSS | 7.1 AI score | 0.01873 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2015/11/30 12:0 a.m. | 45 views

Debian DLA-350-1 : eglibc security update

The strxfrm function is vulnerable to integer overflows when computing memory allocation sizes similar to CVE-2012-4412. Furthermore since it fallbacks to use alloca when malloc fails, it is vulnerable to stack-based buffer overflows similar to CVE-2012-4424. Those issues have been fixed in Debia...

7.5 CVSS | 7.9 AI score | 0.18703 EPSS
Exploits: 3 | References: 2

Tenable Nessus
added 2015/05/20 12:0 a.m. | 38 views

SUSE SLES10 Security Update : glibc (SUSE-SU-2014:1119-1)

This glibc update fixes a critical privilege escalation problem and the following security and non security issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find. An exploit that targets the problem is publicly available. CVE-2014-5119 -...

7.5 CVSS | 7.8 AI score | 0.21511 EPSS
Exploits: 6 | References: 15

OSV
added 2015/04/08 10:59 a.m. | 1 views

DEBIAN-CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service segmentation violatio...

6.4 CVSS | 7.3 AI score | 0.00449 EPSS
Exploits: 0 | References: 1

CVE
added 2015/04/08 10:0 a.m. | 110 views

CVE-2015-1473

CVE-2015-1473 affects the GNU C Library (glibc) prior to version 2.21, arising from the ADDW macro in stdio-common/vfscanf.c not properly factoring data-type size when using alloca in a wscanf path. This can allow context-dependent attackers to cause a denial of service (segmentation fault) or ov...

6.4 CVSS | 7.1 AI score | 0.00449 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

Tenable Nessus
added 2015/04/06 12:0 a.m. | 28 views

F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (SOL16364)

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not 'properly restrict the use of' the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...

6.8 CVSS | 7.4 AI score | 0.00869 EPSS
Exploits: 1 | References: 4

OSV
added 2015/02/05 12:0 a.m. | 0 views

UBUNTU-CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service segmentation violatio...

6.4 CVSS | 6.9 AI score | 0.00449 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2014/11/26 12:0 a.m. | 46 views

OracleVM 3.3 : glibc (OVMSA-2014-0017)

The remote OracleVM system is missing necessary patches to address critical security updates : - Remove gconv transliteration loadable modules support CVE-2014-5119, - _nl_find_locale: Improve handling of crafted locale names CVE-2014-0475, - Don't use alloca in addgetnetgrentX 1087789. - Adjust...

7.5 CVSS | 7.6 AI score | 0.21511 EPSS
Exploits: 6 | References: 5

Oracle linux
added 2014/10/15 12:0 a.m. | 57 views

glibc security, bug fix, and enhancement update

2.12-1.149 - Remove gconv transliteration loadable modules support CVE-2014-5119, - _nl_find_locale: Improve handling of crafted locale names CVE-2014-0475, 2.12-1.148 - Switch gettimeofday from INTUSE to libc_hidden_proto 1099025. 2.12-1.147 - Fix stack overflow due to large AF_INET6 requests...

7.5 CVSS | 0.21511 EPSS
Exploits: 7

seebug.org
added 2014/07/01 12:0 a.m. | 15 views

GNU TAR <= 1.15.91 and CPIO <= 2.5.90 safer_name_suffix Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26445/info GNU's tar and cpio utilities are prone to a denial-of-service vulnerability because of insecure use of the 'alloca' function. Successfully exploiting this issue allows attackers to crash the affected utilities...

7.1 AI score
Exploits: 0

OSV
added 2014/02/10 6:15 p.m. | 1 views

DEBIAN-CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...

6.8 CVSS | 7.2 AI score | 0.00869 EPSS
Exploits: 0 | References: 1

Debian CVE
added 2014/02/10 5:0 p.m. | 32 views

CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string...

6.8 CVSS | 7.4 AI score | 0.00869 EPSS
Exploits: 0