EulerOS Virtualization 2.10.0 : libarchive (EulerOS-SA-2023-1921)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL...

libarchive: NULL pointer dereference in archive_write.c

A flaw was found in libarchive. A missing check of the return value of the calloc function can cause a NULL pointer dereference in an out-of-memory condition or when a memory allocation limit is reached, resulting in the program linked with libarchive to crash...

EulerOS Virtualization 2.9.1 : libarchive (EulerOS-SA-2023-1639)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL...

EulerOS Virtualization 2.9.0 : libarchive (EulerOS-SA-2023-1673)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL...

Siemens Multiple RTOS Integer Overflow or Wraparound (CVE-2020-35198)

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

EulerOS 2.0 SP9 : libarchive (EulerOS-SA-2023-1446)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...

EulerOS 2.0 SP11 : libarchive (EulerOS-SA-2023-1411)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...

SUSE CVE-2010-0542

The WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service NULL pointer dereference or heap memory corruption or possibly execute arbitrar...

SUSE CVE-2017-15019

LAME 3.99.5 has a NULL Pointer Dereference in the hipdecodeinit function within libmp3lame/mpglibinterface.c via a malformed mpg file, because of an incorrect calloc call...

SUSE CVE-2019-9704

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service daemon crash via a large crontab file because the calloc return value is not checked...

SUSE CVE-2021-32762

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...

SUSE CVE-2021-33450

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

SUSE CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

EulerOS 2.0 SP10 : libarchive (EulerOS-SA-2023-1389)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...

EulerOS 2.0 SP10 : libarchive (EulerOS-SA-2023-1361)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...

EulerOS 2.0 SP8 : libarchive (EulerOS-SA-2023-1322)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if th...

PT-2025-54163

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where the zero page can be corrupted when using dm-flakey with corrupt bio writes enabled. This corruption occurs because the blkdev issue zero pages...

The vulnerability of the calloc() function in the libarchive library allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the calloc function in the libarchive library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service interruptions...

ROS-20221216-01

A vulnerability in the libarchive archiving library is related to the lack of error checking after the call to the calloc function, which may return with a NULL pointer in case of a function crash, resulting in a NULL pointer dereference. resultant dereferencing of the NULL pointer. Exploitation ...

Updated libarchive packages fix security vulnerability

In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. CVE-2022-36227...