74 matches found
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: Fixed inefficient DER decoding in libtasn1 which could lead to a remote denial-of-service bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
CVE-2024-52924
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration...
Linux Distros Unpatched Vulnerability : CVE-2023-4233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU...
CVE-2022-49165
CVE-2022-49165 is a Linux kernel vulnerability in the media: imx-jpeg decoding path. When an NV12M JPEG is queued as an output buffer but a single-planar capture buffer is queued, the kernel could crash with a NULL pointer dereference in mxc_jpeg_addrs. The mitigation in the patch is to finish th...
CVE-2022-49078 lz4: fix LZ4_decompress_safe_partial read out of bound
In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...
CVE-2022-49078 lz4: fix LZ4_decompress_safe_partial read out of bound
In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...
CVE-2024-12243 Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially...
ALSA-2024:11217 Important: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack...
RockyLinux 9 : skopeo (RLSA-2024:8111)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:8111 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...
OESA-2024-1808 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...
USN-6629-1 ujson vulnerabilities
It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2021-45958 Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An...
EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2023-2464)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext...
CVE-2023-35790
An issue was discovered in decpatchdictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
PT-2023-22509 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.15.0-0 Description: A segment fault with Null Pointer Dereference occurs in the process of decoding subinfo decode and unsubinfo decode. This issue is related to the decoding process, which can lead to a crash. Recommendation...
CVE-2023-23625 Denial of service in HAMT Decoding in go-unixfs
go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...
PT-2022-23130 · Unknown · Reactphp Http
Name of the Vulnerable Software and Affected Versions: ReactPHP HTTP versions 0.7.0 through 1.7.0 Description: The issue arises when ReactPHP's HTTP server component processes incoming HTTP cookie values, url-decoding the cookie names. This can lead to confusion between cookies with prefixes like...
PT-2022-3515 · Ultrajson +5 · Ultrajson +5
Name of the Vulnerable Software and Affected Versions: UltraJSON versions prior to 5.4.0 Description: The issue is related to the improper decoding of certain characters in JSON strings, specifically escaped surrogate characters not part of a proper surrogate pair. This can lead to string...
Design/Logic Flaw
For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...
PT-2021-18253 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy versions 1.18.2 and earlier Description: Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. ...
iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds
When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated object. If initWithCoder: or any method it calls decodes the same object,...