SUSE-SU-2019:3092-1 Security update for libarchive

This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. - CVE-2019-1000019: Fixed an Out-Of-Bounds Read...

CVE-2011-2897

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw...

MS10-033: Vulnerabilities in Media Decompression could allow remote code execution

Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a website or any application that delivers web content.INTRODUCTIONMicrosoft has released security bulletin...

Command injection

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh...

Fedora Update for suricata FEDORA-2019-fddfb520ec

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 29 Update: suricata-4.1.5-3.fc29

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 30 Update: suricata-4.1.5-3.fc30

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

XNU - Remote Double-Free via Data Race in IPComp Input Path

XNU - Remote Double-Free via Data Race in IPComp Input Path === Summary === This report describes a bug in the XNU implementation of the IPComp protocol https://tools.ietf.org/html/rfc3173. This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system iOS AFAIK...

The vulnerability of the zlib_decompress_extra function in the VideoLAN VLC media player allows a hacker to access confidential data after decompression, potentially compromising the integrity of those data and causing service failures.

The vulnerability of the zlibdecompressextra function in the VideoLAN VLC media player involves its use after decompression. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVE-2019-16535

Аn OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol. Eldar Zaitov of Yandex Information Security Team...

Pwning a Siemens Scalance ICS switch through ARM reversing

We’ve been working in industrial control systems security for a long time. Several of the team here used to work in OT control rooms or support SCADA environments. Whilst pen testing a ship control system, we noticed a heavy reliance on Siemens Scalance industrial ethernet switches, so bought a...

Security update for zstd (moderate)

openSUSE Security Update: Security update for zstd Announcement ID: openSUSE-SU-2019:2008-1 Rating: moderate References: 1082318 1133297 1142941 Cross-References: CVE-2019-11922 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that solves one vulnerability and...

Security fix for the ALT Linux 10 package libarchive version 3.4.0-alt1

Aug. 22, 2019 Aleksei Nikiforov 3.4.0-alt1 - Updated to upstream version 3.4.0. - Fixes: + CVE-2018-1000877 Double Free vulnerability in RAR decoder + CVE-2018-1000878 Use After Free vulnerability in RAR decoder + CVE-2018-1000879 NULL Pointer Dereference vulnerability in ACL parser +...

USN-4109-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain PGX files. An attacker could possibly use this issue to cause a denial of service or possibly remote code execution. CVE-2017-17480 It was discovered that OpenJPEG incorrectly handled certain files. An attacker could possibly use this...

Fedora Update for upx FEDORA-2019-9a0f02c8c8

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for upx FEDORA-2019-bf4633142b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: upx-3.95-4.fc30

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

elfutils: Double-free due to double decompression of sections in crafted ELF causes crash

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function

REJECTED CVE A heap-based buffer overflow vulnerability exists in EDK II within the MakeTable function of BaseUefiDecompressLib.c, TianoCompress.c, and the UEFI specification. An authenticated attacker could exploit this flaw by supplying a crafted file, potentially leading to privilege escalatio...

FreeBSD -- Multiple vulnerabilities in bzip2

Problem Description: The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip21 file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip21 file. Impact: An attacker...