Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update the file length when a write to an inline file fails. When a write to an inline file fails or fails partially, we still update the length of the inline data as if the entire write was successful. This issue is...

Astra Linux - уязвимость в ldns

When a zone file in ldns 1.7.1 is parsed, the function ldnsnsec3saltdata is too trusted regarding the length value obtained from the zone file. During the memcpy operation, the data consisting of 0xfe – ldnsrdfsizesaltrdf bytes can be copied, leading to heap overflow information leakage...

CVE-2019-18994

Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty .JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service...

Linux Distros Unpatched Vulnerability : CVE-2023-53295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data ...

SUSE CVE-2023-53295

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...

UBUNTU-CVE-2023-53295

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...

CVE-2023-53295

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...

CVE-2023-53295 udf: Do not update file length for failed writes to inline files

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from updating the length of a file despite a failed write to an inline file, which could lead to data...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

Libopensc: incorrect handling length of buffers or files in libopensc

...

git: Fix of 2 CVEs

CVE-2023-25652: removing a link instead of writing into - CVE-2023-29007: restrict the config file line length to parse it whole - tests were activated - a buffer overflow during reading of configuration's enormous value has been fixed...

Exploit for Link Following in Rarlab Unrar

A proof of concept for CVE-2022-30333 - a path traversal vulnera...

Exploit for Link Following in Rarlab Unrar

A proof of concept for CVE-2022-30333 - a path traversal vulnera...

Buffer overflow

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-30306

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

多款Qualcomm产品缓冲区错误漏洞

Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm.QCA6574AU is a central processing unit CPU product.APQ8053 is a central processing unit CPU product.SDX55 is a modem. Multiple Qualcomm Products A buffer error vulnerability exists in the DSP service that stems from an...

CVE-2020-28220

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware All versions prior to V5.0.4.11 and SoMachine/SoMachine Motion software All versions, that could cause a buffer overflow when the length of a file transferred to the...