CVE-2020-13579

An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...

The vulnerability of SELinux’s access control system in the Linux operating system allows a perpetrator to trigger a service failure.

The vulnerability of SELinux’ access control system in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

Qualcomm Chip Security Breach

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and are often fabricated on the surface of semiconductor wafers. The Qualcomm chip suffers from a security vulnerability that stems from...

The vulnerability of the jp2_decode function (libjasper/jp2/jp2_dec.c) in the JasPer library allows a hacker to induce a service failure.

The vulnerability of the jp2decode function libjasper/jp2/jp2dec.c in the JasPer library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the w5864handle_frame() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the w5864handleframe function located in the drivers/media/pci/tw5864/tw5864-video.c file in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the Linux operating system’s kernel, related to a pointer dereferencing error, allows attackers to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to a pointer arithmetic error. Exploiting this vulnerability can allow an attacker to cause a service failure...

shellcode-x86_x64

This repository contains a collection of assembly code examples for a 64-bit Linux system, primarily focusing on basic instructions and operations. The code is written in NASM Netwide Assembler and covers various topics such as arithmetic, logical operations, string manipulation, and stack...

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

The vulnerability of the `ovl_posix_acl_create` function in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the ovlposixaclcreate function located in fs/overlayfs/dir.c in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the RESTCONF and NETCONF-YANG protocols implemented in the Cisco IOS XE operating system allows a attacker to cause service interruptions.

The vulnerability of the RESTCONF and NETCONF-YANG protocols implemented by the Cisco IOS XE operating system is related to errors in pointer arithmetic. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the sf_write_int function in the libsndfile library, which allows a hacker to cause a service failure.

The vulnerability of the sfwriteint function in the libsndfile library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2020-2000)

According to the versions of the grub2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2,...

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX leading to read_section_as_string() to an arithmetic overflow zero-sized allocation and further heap-based buffer overflow.

...

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

A flaw was found in current grub2 versions as shipped with Red Hat Enterprise Linux 7 and 8, where the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This issue leads the function to return invalid memory allocations, causing heap-based...