16972 matches found

OSV
added 2022/08/31 4:15 p.m. · 29 views

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

CVSS 8.8 · AI score 2.6 · EPSS 0.04062
Exploits: 0 · References: 9

Prion
added 2022/08/31 4:15 p.m. · 32 views

Input validation

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

CVSS 6.5 · AI score 8.4 · EPSS 0.04062
Exploits: 0 · References: 9 · Affected Software: 3

Vulnrichment
added 2022/08/31 3:33 p.m. · 3 views

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

AI score 8.2 · EPSS 0.04062
Exploits: 0 · References: 9

Cvelist
added 2022/08/31 3:33 p.m. · 29 views

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

AI score 8.6 · EPSS 0.04062
Exploits: 0 · References: 9

Debian CVE
added 2022/08/31 3:33 p.m. · 96 views

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

CVSS 8.8 · AI score 8.1 · EPSS 0.04062
Exploits: 0

AlpineLinux
added 2022/08/31 3:33 p.m. · 33 views

CVE-2022-1271

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

CVSS 8.8 · AI score 8.8 · EPSS 0.04062
Exploits: 0

CVE
added 2022/08/31 3:33 p.m. · 1081 views

CVE-2022-1271

CVE-2022-1271 affects GNU gzip's zgrep: an attacker can cause arbitrary file writes by supplying crafted multi-line filenames. Two or more consecutive newlines in filenames lead to content and target file names being embedded in the same path, and insufficient validation enables remote, low-privi...

CVSS 8.8 · AI score 8.5 · EPSS 0.04062
Exploits: 0 · References: 9 · Affected Software: 1

NVD
added 2022/08/31 6:15 a.m. · 23 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 7.5 · EPSS 0.0151
Exploits: 3 · References: 7

OSV
added 2022/08/31 6:15 a.m. · 33 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 5.3 · AI score 7
Exploits: 0 · References: 7

UbuntuCve
added 2022/08/31 6:15 a.m. · 51 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 7.5 · AI score 6.7 · EPSS 0.0151
Exploits: 3 · References: 2

ATTACKERKB
added 2022/08/31 6:15 a.m. · 2 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 7.5 · AI score 6.6 · EPSS 0.0151
Exploits: 3 · References: 8

Prion
added 2022/08/31 6:15 a.m. · 34 views

Heap overflow

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 5 · AI score 5.2 · EPSS 0.0151
Exploits: 3 · References: 7 · Affected Software: 1

OSV
added 2022/08/31 6:15 a.m. · 0 views

UBUNTU-CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 7.5 · AI score 6.7 · EPSS 0.0151
Exploits: 3 · References: 3

CNNVD
added 2022/08/31 12:00 a.m. · 3 views

Gcc security vulnerability

GCC is a collection of GNU compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in Gcc. An attacker has exploited this vulnerability to cause g++ to crash during compilation via a specially crafted input source file...

AI score 6.7
Exploits: 0 · References: 3

CNNVD
added 2022/08/31 12:00 a.m. · 4 views

GNU C Library log information disclosure vulnerability

The GNU C Library glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in GNU C Library glibc version 2.36, which stems from the fact that when the syslog function is passed a carefully crafted input string larger than 1024 byte...

CVSS 7.5 · AI score 6.8 · EPSS 0.0151
Exploits: 3 · References: 5

CVE
added 2022/08/31 12:00 a.m. · 466 views

CVE-2022-39046

CVE-2022-39046: In the GNU C Library (glibc) 2.36, passing a crafted input string larger than 1024 bytes to syslog reads uninitialized heap memory and writes it to the log, potentially exposing heap contents. This is the vulnerability described in multiple sources (NVD, OSV, Gentoo GLSA). Affect...

CVSS 7.5 · AI score 5.8 · EPSS 0.0151
Exploits: 3 · References: 7 · Affected Software: 1

CNNVD
added 2022/08/31 12:00 a.m. · 4 views

GCC security vulnerability

GCC is a collection of GNU compilers. It is primarily used to compile the C and C++ languages. A security vulnerability exists in GCC, which stems from an internal compiler error in the match_reload function in lra-constraints.c that causes the input file to crash...

AI score 6.8
Exploits: 0 · References: 2

Positive Technologies
added 2022/08/31 12:00 a.m. · 4 views

PT-2022-8940 · Gnu · Gcc

Name of the Vulnerable Software and Affected Versions: gcc (affected versions not specified)
Description: A crafted input source file could cause g++ to crash during compilation when provided certain optimization flags. The issue is related to the ipcp_store_vr_results function in gcc/ipa-cp.c...

CVSS 7.5 · AI score 8.9
Exploits: 0 · References: 7

Debian CVE
added 2022/08/31 12:00 a.m. · 47 views

CVE-2022-39046

An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...

CVSS 7.5 · AI score 6.1 · EPSS 0.0151
Exploits: 3

Microsoft CVE
added 2022/08/30 7:00 a.m. · 6 views

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value potentially leading to information leakage and disclosure of sensitive data.

...

CVSS 7.5 · AI score 6.8 · EPSS 0.01444
Exploits: 0