CVE-2023-31137 MaraDNS Integer Underflow Vulnerability in DNS Packet Decompression

MaraDNS is open-source software that implements the Domain Name System DNS. In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...

gstreamer-plugins-good: Potential heap overwrite in mp4 demuxing using zlib decompression

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the qt demuxer when processing a specially crafted QuickTime/MP4 file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution...

gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using lzo decompression

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution...

gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using zlib decompression

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution...

gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using bz2 decompression

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution...

gstreamer-plugins-good: Potential heap overwrite in mkv demuxing using HEADERSTRIP decompression

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution...

MaraDNS 数字错误漏洞

MaraDNS is an open source implementation of the Domain Name System by the individual developer Sam Trenholme that can be used as a caching, recursive or authoritative name server. A numeric error vulnerability exists in MaraDNS 3.5.0024 and earlier versions, which stems from a remotely exploitabl...

Important: Red Hat Security Advisory: qatzip security and bug fix update

An update for qatzip is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Fedora: Security Advisory for suricata (FEDORA-2023-8febb13d07)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for suricata (FEDORA-2023-43ac51ee44)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for suricata (FEDORA-2023-c91ab14186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: suricata-6.0.11-1.fc36

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 37 Update: suricata-6.0.11-1.fc37

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 38 Update: suricata-6.0.11-1.fc38

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

USN-6024-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

USN-6024-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

PT-2023-35779 · Zstd · Zstd

Name of the Vulnerable Software and Affected Versions: ZSTD affected versions not specified Description: The issue is related to a heap-buffer-overflow read, which occurs in the ZSTD decompressSequencesLong bmi2 function, specifically when calling ZSTD decompressSequencesLong and ZSTD...

[SECURITY] Fedora 38 Update: bzip3-1.3.0-1.fc38

These are tools for compressing, decompressing, printing, and searching bzip3 files. bzip3 features higher compression ratios and better performance than bzip2 thanks to an order-0 context mixing entropy coder, a fast Burrows-Wheeler transform code making use of suffix arrays and a run-length...

Fedora: Security Advisory for bzip3 (FEDORA-2023-3a821e6e73)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for bzip3 (FEDORA-2023-c08f9dfc16)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...