Lucene search
K

135 matches found

BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.12 views

The vulnerability of the UDF file system functionality in Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the UDF file system functionality in Linux operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00282EPSS
Exploits0References21Affected Software6
Positive Technologies
Positive Technologies
added 2022/12/09 12:0 a.m.6 views

PT-2024-11817 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Universal Disk Format UDF in the Linux kernel, where a problem with preallocation discarding at indirect extent boundaries could lead to corruption of the...

9.1CVSS6.8AI score0.03702EPSS
Exploits12References1845
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.2 views

kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback

A NULL pointer dereference was found in the Linux kernel’s UDF file system functionality in the way the user triggers the udffilewriteiter function for a malicious UDF image. This flaw allows a local user to crash the system...

5.5CVSS6.6AI score0.00497EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.5 views

kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback

A NULL pointer dereference was found in the Linux kernel’s UDF file system functionality in the way the user triggers the udffilewriteiter function for a malicious UDF image. This flaw allows a local user to crash the system...

5.5CVSS6.6AI score0.00497EPSS
Exploits1References7
OSV
OSV
added 2022/06/02 2:15 p.m.1 views

UBUNTU-CVE-2022-1943

A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udfwritefi. A local user could use this flaw to crash the system or potentially...

7.8CVSS6.7AI score0.00282EPSS
Exploits0References8
OSV
OSV
added 2022/04/21 6:25 a.m.5 views

USN-5385-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, inux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities

Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service system crash or possibly execute arbitrary...

6.7CVSS6.7AI score0.00513EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2019/11/05 9:3 p.m.6 views

edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media

Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media...

9.8CVSS7.3AI score0.01338EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/08/06 12:11 p.m.3 views

edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media

Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media...

9.8CVSS7.3AI score0.01338EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/07/18 12:0 a.m.26 views

FreeBSD : p7zip -- out-of-bounds read vulnerability (d706a3a3-4a7c-11e6-97f7-5453ed2e2b49)

Cisco Talos reports : An out-of-bounds read vulnerability exists in the way 7-Zip handles Universal Disk Format UDF files. Central to 7-Zip's processing of UDF files is the CInArchive::ReadFileItem method. Because volumes can have more than one partition map, their objects are kept in an object...

8.8CVSS7.4AI score0.09795EPSS
Exploits2References3
CNVD
CNVD
added 2016/06/08 12:0 a.m.2 views

7zip denial of service vulnerability

7zip is a set of 7-Zip data compression program software. The program can compress and decompress files in 7z format. A security vulnerability exists in the 'CInArchive::ReadFileItem' method in the Archive/Udf/UdfIn.cpp file in 7zip version 9.20 and 15.05 beta. A remote attacker can exploit this...

8.8CVSS7.7AI score0.09795EPSS
Exploits2References1
OSV
OSV
added 2016/06/07 12:0 a.m.4 views

UBUNTU-CVE-2016-2335

The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service out-of-bounds read or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file...

8.8CVSS7.5AI score0.09795EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2016/05/12 3:11 p.m.15 views

Corruption, Code Execution Vulnerabilities Patched in Open Source Archiver 7-Zip

Several vulnerabilities were fixed this week in the file archiver 7-Zip that could have led to arbitrary code execution and file corruption. The developer behind the tool-which is open source and can be used with any compression, conversion, or encryption method-is urging users to update to the...

0.3AI score
Exploits0References4
Cent OS
Cent OS
added 2015/11/30 7:56 p.m.73 views

xfsprogs security update

CentOS Errata and Security Advisory CESA-2015:2151 Updated xfsprogs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerabili...

5CVSS5.9AI score0.04535EPSS
Exploits0References7
OSV
OSV
added 2015/08/31 10:59 a.m.1 views

DEBIAN-CVE-2014-9730

The udfpctochar function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service system crash via a crafted UDF filesystem image...

4.9CVSS7.1AI score0.00407EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/08 12:0 a.m.3 views

Linux UDF File System Denial of Service Vulnerability

Linux kernel is an open source operating system. The linux kernel, which supports the UDP filesystem, has a security vulnerability that allows a local user to mount a specially crafted UDF filesystem that triggers an error in udfreadinode and crashes the target system...

4.7CVSS6.5AI score0.00434EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/12/16 7:12 p.m.3 views

kernel: udf: Avoid infinite loop when processing indirect ICBs

A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...

4.7CVSS6.7AI score0.0051EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/12/09 8:33 p.m.5 views

kernel: udf: Avoid infinite loop when processing indirect ICBs

A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...

4.7CVSS6.7AI score0.0051EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/09/29 7:41 p.m.4 views

kernel: udf: Avoid infinite loop when processing indirect ICBs

A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...

4.7CVSS6.7AI score0.0051EPSS
Exploits1References4
OSV
OSV
added 2014/09/28 12:0 a.m.4 views

UBUNTU-CVE-2014-6410

The udfreadinode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service infinite loop or stack consumption via a UDF filesystem with a crafted inode...

4.7CVSS6.7AI score0.0051EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.20 views

openSUSE Security Update : libvirt (openSUSE-SU-2010:0625-1)

libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...

4.4CVSS7.2AI score0.00423EPSS
Exploits0References7
Rows per page
Query Builder