kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

EUVD-2022-28744

Malicious code in bioql PyPI...

CVE-2011-10023

MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...

CVE-2011-10024

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

GHSA-927Q-G9W9-PM54 Panic in mp3-metadata due to the lack of bounds checking

The getid3 methods used by mp3metadata::readfromslice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in getbinary in vendor/mediatek/proprietary/hardware/connectivity/gps/gpshal/src/datacoder.c, where out-of-bounds writes may exist...

CVE-2024-11495

Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking...

SUSE CVE-2011-0623

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0624, CVE-2011-0625, and CVE-2011-0626...

SUSE CVE-2011-0624

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0625, and CVE-2011-0626...

UNISOC chipset 缓冲区错误漏洞

The UNISOC chipset is an integrated circuit chipset from China's Unisolar Corporation UNISOC. A security vulnerability exists in the UNISOC chipset due to a lack of bounds checking in its wlan driver, resulting in a local denial of service for the wlan service...

ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS attributes from the MFT , proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS inodes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

Google Android Remote Code Execution Vulnerability (CNVD-2019-35249)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in Google Android 10. The vulnerability stems from an out-of-bounds write problem in libxaac in Android caused by a lac...

Debian DSA-475-1 : linux-kernel-2.4.18-hppa - several vulnerabilities

Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PA-RISC kernel 2.4.18 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An...

Mandrake Linux Security Advisory : kernel (MDKSA-2003:110)

A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the dobrk function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable; an exploit is in the wild at this time. The Mandrake Linux 9.2 kernel...

[SECURITY] [DSA 427-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)

-------------------------------------------------------------------------- Debian Security Advisory DSA 427-1 [email protected] http://www.debian.org/security/ Martin Schulze January 19th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 417-2] New Linux 2.4.18 packages fix local root exploit (alpha)

-------------------------------------------------------------------------- Debian Security Advisory DSA 417-2 [email protected] http://www.debian.org/security/ Martin Schulze January 9th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 417-2] New Linux 2.4.18 packages fix local root exploit (alpha)

-------------------------------------------------------------------------- Debian Security Advisory DSA 417-2 [email protected] http://www.debian.org/security/ Martin Schulze January 9th, 2004 http://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges. The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered a flaw in bounds checking in mremap in the Linux kernel versions 2.4.23 a...