3668 matches found
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes possibly making the system inoperable.
...
openSUSE Security Update : fossil (openSUSE-2020-1478)
This update for fossil fixes the following issues : - fossil 2.12.1 : - CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code boo1175760 - Security fix in the 'fossil git export' command. New 'safety-net' features were added to...
Security update for fossil (important)
openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2020:1478-1 Rating: important References: 1047218 1175760 Cross-References: CVE-2020-24614 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An upda...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
zlib bug fix and enhancement update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fixes and Enhancements: AlmaLinux8.2 - zlib on s390x may produce incomplete raw but not gzip/zlib streams BZ1860952 AlmaLinux8.2 - raw zlib test failed with DFLTCCLEVELMASK s...
AVIF has landed
Back in ancient July I released a video that dug into how lossy and lossless image compression works and how to apply that knowledge to compress a set of different images for the web. Well, that's already out of date because AVIF has arrived. Brilliant. AVIF is a new image format derived from the...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
CVE-2020-6151
A memory corruption vulnerability exists in the TIFF handleCOMPRESSIONPACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
WavPack: Multiple vulnerabilities
Background WavPack is a set of hybrid lossless audio compression tools. Description Multiple vulnerabilities have been discovered in WavPack. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted audio file possibly resulting in a...
netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...
Important: Red Hat Security Advisory: jbig2dec security update
An update for jbig2dec is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...