16270 matches found
Astra Linux - уязвимость в binutils
A vulnerability was discovered in GNU Binutils 2.43 and is classified as critical. This issue affects the function bfdelfgcmarkrsec in the file elflink.c of the component ld. The vulnerability leads to a heap-based buffer overflow. The attack can be initiated remotely. The complexity of the attac...
Astra Linux - уязвимость в glibc
The iconv function in the GNU C Library versions 2.39 and earlier may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set. This could potentially cause an application to crash or overwrite a neighboring variable...
Astra Linux - уязвимость в glibc
nscd: Stack-based buffer overflow in netgroup cache If the fixed-size cache of the Name Service Cache Daemon nscd is exhausted due to client requests, then a subsequent client request for netgroup data may lead to a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cach...
Astra Linux - уязвимость в binutils
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function comparesymbols...
Astra Linux - уязвимость в glibc
There exists an exploitable signed comparison vulnerability in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attack...
Astra Linux - уязвимость в glibc
A out-of-bounds write vulnerability was discovered in glibc before version 2.31, when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution...
Astra Linux - уязвимость в gimp
A flaw was discovered in GIMP. A integer overflow vulnerability exists in the GIMP “Despeckle” plug-in. The issue arises due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp. This can lead to insufficient memory allocation and subsequent...
Astra Linux - уязвимость в binutils
A vulnerability, classified as problematic, was discovered in GNU Binutils up to version 2.43. This vulnerability affects the disassemblebytes function in the file binutils/objdump.c. Manipulation of the buf argument leads to a stack-based buffer overflow. The attack can be initiated remotely. Th...
Astra Linux - уязвимость в binutils
A vulnerability, classified as critical, was discovered in GNU Binutils 2.43. The affected function is bfdelfrelocsymboldeletedp in the file bfd/elflink.c of the ld component. This manipulation leads to memory corruption. The attack can be launched remotely. The complexity of the attack is...
Astra Linux - уязвимость в gzip, xz-utils
A arbitrary file writing vulnerability was discovered in the GNU gzip’s zgrep utility. When zgrep is applied to a file name chosen by the attacker e.g., a crafted file name, it can overwrite the content of the target file with an arbitrary file selected by the attacker. This flaw arises due to...
Astra Linux - уязвимость в gsl
A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a maliciously crafted input data for gslstatsquantilefromsorteddata of the library may lead to unexpected application termination or arbitra...
Astra Linux - уязвимость в glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux - уязвимость в tar
The vulnerability of the extractfile function in the GNU Tar archive viewer is related to reading data beyond the buffer’s allowed limits. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Astra Linux - уязвимость в glibc
Before version 2.32, the GNU C Library also known as glibc or libc6 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contained a non-canonical bit pattern. This issue was observed when passing a value of 0x5d414141414141410000 to the sinl...
Astra Linux - уязвимость в glibc
The Name Service Cache Daemon’s nscd netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability ...
Astra Linux - уязвимость в binutils
A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after multiple recursive calls...
Astra Linux - уязвимость в binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. A heap-based buffer overflow in the bfdgetl32 function in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be...
Astra Linux - уязвимость в emacs
A vulnerability was discovered in GNU Emacs through version 28.2. The htmlfontify.el script has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir parameters come from external inputs, and these parameters are not escaped properly. If a...
Astra Linux - уязвимость в gmp
GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
Astra Linux - уязвимость в gnutls28
A heap-buffer-overflow off-by-one flaw was discovered in the GnuTLS software during the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption a...