Segmentation fault due to use of uninitialized memory

When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convertzipdatetime". In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object, the address of the object is changed to the...

RUSTSEC-2024-0374 Segmentation fault due to use of uninitialized memory

When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convertzipdatetime". In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object, the address of the object is changed to the...

Amazon Linux 2 : amazon-cloudwatch-agent (ALAS-2024-2630)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300044.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2630 advisory. Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2024-708)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-708 advisory. Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020/2024 involve memory usage after decompression, allowing attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020/2024 are related to the use of memory after deallocation. Exploiting these vulnerabilities can allow attackers to...

Important: amazon-cloudwatch-agent

Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...

Gzip Memory Bomb Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' require 'stringio' class MetasploitModule 'Gzip Memory Bomb Denial Of Service', 'Description' = %q This module generates and hosts a 10MB single-round gzi...

SUSE CVE-2022-48923

In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copycompressedsegment to write outside of allocated...

UBUNTU-CVE-2022-48923

In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copycompressedsegment to write outside of allocated...

The vulnerability of the AV3DVirtAnnot function in PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat 2024, and Adobe Acrobat Reader 2020 allows a perpetrator to execute arbitrary code.

The vulnerability of the AV3DVirtAnnot function in PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat 2024, and Adobe Acrobat Reader 2020 is related to the ability to utilize memory after decompression...

Medium: nerdctl

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

Medium: nerdctl

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

Medium: containerd

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

[SECURITY] Fedora 39 Update: suricata-6.0.20-1.fc39

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 40 Update: suricata-7.0.6-1.fc40

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

CBL Mariner 2.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-23916)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23916 advisory. - An allocation of resources without limits or throttling vulnerability exis...

SUSE CVE-2023-0475

HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...

GO-2024-2911 go-grpc-compression has a zstd decompression bombing vulnerability in github.com/mostynb/go-grpc-compression

go-grpc-compression has a zstd decompression bombing vulnerability in github.com/mostynb/go-grpc-compression...

Denial Of Service (DoS)

github.com/klauspost/compress/zstd is vulnerable to a Denial of service DoS. The vulnerability is due to its zstd decompression implementation not respecting the limits imposed by gRPC, which allows attacker to trigger rapid and uncontrolled increases in memory usage on the server or client...

CVE-2024-36129

A flaw was found in OpenTelemetry Collector. When sending an HTTP or gRPC request with a compressed payload, the Collector only verifies whether the compressed payload is beyond a certain limit but not its uncompressed version. This flaw allows an attacker using a specially crafted HTTP or gRPC...