75 matches found
UBUNTU-CVE-2018-7871
There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact...
CVE-2018-7868
There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack...
CVE-2018-7871
There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact...
The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s stack memory.
A vulnerability exists in the l2tpip6getname function in the Linux kernel’s net/l2tp/l2tpip6.c file, due to incorrect return values under certain circumstances. Exploiting this vulnerability allows local users to access confidential information from the kernel’s stack memory, using a specially...
Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=756 We have encountered several different crashes in the graphite2::NameTable::getName method, observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk,...
Graphite2 - NameTable::getName Multiple Heap Out-of-Bounds Reads
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=756 We have encountered several different crashes in the graphite2::NameTable::getName method, observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest...
kernel security and bug fix update
3.10.0-229.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.4.2 - x86 crypto: aesni - fix memory usage in GCM decryption Kurt Stutsman 1213331 1212178 CVE-2015-3331 3.10.0-229.4.1 - crypto x86: sha256ssse3 - also test for BMI2 Herbert Xu 1211484 1201563 - crypto testmgr: fix RNG return...
PT-2011-1445 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37-rc2 Description: The issue concerns the ax25 getname function in the Linux kernel, which fails to initialize a certain structure. This allows local users to potentially obtain sensitive information from...
Stack overflow
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary cod...
CVE-2009-4484
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary cod...
kernel: numerous getname() infoleaks
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...
kernel: numerous getname() infoleaks
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...
Linux Kernel .getname函数多个信息泄露漏洞
BUGTRAQ ID: 36176 CVECAN ID: CVE-2009-3002 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的getname函数没有正确地初始化某些数据结构,本地用户可以通过对AFAPPLETALK、AFIRDA、AFECONET、 AFNETROM、AFROSE、原始CAN等套接字执行getsockname调用读取部分内核内存的内容。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Memory corruption
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...
CVE-2009-3002
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...