
1447 matches found

Tenable Nessus
added 2022/06/17 12:0 a.m. | 56 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Exempi vulnerabilities (USN-5483-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5483-1 advisory. It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a...

9.3 CVSS | 6.7 AI score | 0.05409 EPSS
Exploits: 1 | References: 23

RedHat Linux
added 2022/06/16 3:49 p.m. | 3 views

grub2: Crafted JPEG image can lead to buffer underflow write in the heap

A flaw was found in grub2 when handling JPEG images. This flaw allows an attacker to craft a malicious JPEG image, which leads to an underflow on a grub2's internal pointer, leading to a heap-based out-of-bounds write. Secure-boot mechanisms circumvention and arbitrary code execution may also be...

7 CVSS | 7.7 AI score | 0.00434 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2022/06/16 12:0 a.m. | 151 views

RHEL 8 : grub2, mokutil, shim, and shim-unsigned-x64 (RHSA-2022:5100)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5100 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

8.1 CVSS | 7.1 AI score | 0.01284 EPSS
Exploits: 0 | References: 18

Tenable Nessus
added 2022/06/16 12:0 a.m. | 104 views

RHEL 8 : grub2, mokutil, shim, and shim-unsigned-x64 (RHSA-2022:5095)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5095 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

8.1 CVSS | 7.1 AI score | 0.01284 EPSS
Exploits: 0 | References: 18

Tenable Nessus
added 2022/06/16 12:0 a.m. | 40 views

RHEL 8 : grub2, mokutil, and shim (RHSA-2022:5098)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5098 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

8.1 CVSS | 7.1 AI score | 0.01284 EPSS
Exploits: 0 | References: 18

OSV
added 2022/06/13 1:35 p.m. | 5 views

SUSE-SU-2022:2064-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG image could lead to...

8.1 CVSS | 6.7 AI score | 0.01284 EPSS
Exploits: 0 | References: 18

OpenVAS
added 2022/06/13 12:0 a.m. | 25 views

SUSE: Security Advisory (SUSE-SU-2022:2036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1 CVSS | 6.9 AI score | 0.01284 EPSS
Exploits: 0 | References: 11

OpenVAS
added 2022/06/13 12:0 a.m. | 24 views

SUSE: Security Advisory (SUSE-SU-2022:2038-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1 CVSS | 6.9 AI score | 0.01284 EPSS
Exploits: 0 | References: 12

OpenVAS
added 2022/06/11 12:0 a.m. | 22 views

openSUSE: Security Advisory for grub2 (SUSE-SU-2022:2035-1)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1 CVSS | 7.1 AI score | 0.01284 EPSS
Exploits: 0 | References: 2

OSV
added 2022/06/10 9:34 a.m. | 5 views

SUSE-SU-2022:2041-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes and hardenings for Boothole 3 / Boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG image could lead to...

8.1 CVSS | 6.5 AI score | 0.01284 EPSS
Exploits: 0 | References: 15

OSV
added 2022/06/10 8:18 a.m. | 9 views

SUSE-SU-2022:2038-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG image could lead to...

8.1 CVSS | 6.7 AI score | 0.01284 EPSS
Exploits: 0 | References: 16

OSV
added 2022/06/10 8:18 a.m. | 7 views

SUSE-SU-2022:2037-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG image could lead to...

8.1 CVSS | 6.7 AI score | 0.01284 EPSS
Exploits: 0 | References: 16

OSV
added 2022/06/10 8:16 a.m. | 7 views

SUSE-SU-2022:2035-1 Security update for grub2

This update for grub2 fixes the following issues: This update provides security fixes and hardenings for Boothole 3 / Boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG...

8.1 CVSS | 6.7 AI score | 0.01284 EPSS
Exploits: 0 | References: 18

Veracode
added 2022/05/12 11:25 a.m. | 17 views

Arbitrary Code Execution

XMP Toolkit version 2020.1 and earlier is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8 CVSS | 7.7 AI score | 0.02527 EPSS
Exploits: 0 | References: 3 | Affected Software: 2

OSV
added 2022/03/24 7:16 p.m. | 1 views

CLSA-2022-1648149396 Fix CVE(s): CVE-2021-3999

SECURITY UPDATE: single byte buffer underflow and overflow - debian/patches/any/CVE-2021-3999.patch: reject buffer of size 1 and return NULL with errno set to ERANGE - CVE-2021-3999...

7.8 CVSS | 7.2 AI score | 0.00726 EPSS
Exploits: 1 | References: 1

IBM Security Bulletins
added 2022/02/16 10:9 p.m. | 41 views

Security Bulletin: Vulnerability in OpenSSL affects ProtecTIER (CVE-2016-2108)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by ProtecTIER. ProtecTIER has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code on the system,...

10 CVSS | 1.3 AI score | 0.77906 EPSS
Exploits: 1 | Affected Software: 1

OpenVAS
added 2022/01/28 12:0 a.m. | 33 views

Mageia: Security Advisory (MGASA-2019-0412)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 6.6 AI score | 0.08818 EPSS
Exploits: 3 | References: 4

VulnCheck KEV
added 2022/01/26 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

7.8 CVSS | 7.4 AI score | 0.13614 EPSS
Exploits: 9 | References: 1

OSV
added 2021/12/29 12:0 a.m. | 9 views

OSV-2021-1776 Stack-buffer-underflow in InterpretPhoneme

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43037 Crash type: Stack-buffer-underflow READ 8 Crash state: InterpretPhoneme InterpretPhoneme2 CalcLengths...

7.2 AI score
Exploits: 0 | References: 1

OSV
added 2021/12/14 12:1 a.m. | 19 views

OSV-2021-1689 Stack-buffer-underflow in read_xref

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42294 Crash type: Stack-buffer-underflow WRITE 1 Crash state: readxref pdfireadxref pdfisetinputstream...

7.2 AI score
Exploits: 0 | References: 1