2 matches found
Decompressing invalid data can leak information from uninitialized memory or reused output buffer
Decompressing invalid LZ4 data with the block API can leak data from uninitialized memory, or leak content from previous decompression operations when reusing an output buffer. The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from a...
wireshark: crash in SCCP dissector
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark formerly Ethereal 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service application crash via a malformed packet...