SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2076-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2076-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: CVE-2022-48622: Fixed vulnerability...

EulerOS Virtualization 3.0.6.0 : grub2 (EulerOS-SA-2024-1683)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially...

Oracle Linux 9 : grub2 (ELSA-2024-2456)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2456 advisory. - Fix CVE-2022-3775 Orabug: 34871953 - CVE-2023-4692 - grub-set-bootflag: Fix for CVE-2024-1048 - CVE-2024-1048 - Resolves: CVE-2023-4001 Tenable has...

grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...

Memory corruption

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

gdk-pixbuf security vulnerability

gdk-pixbuf is an image loading library. A security vulnerability exists in gdk-pixbuf version 2.42.10 and earlier. An attacker exploiting this vulnerability could overwrite heap metadata, resulting in a denial of service or code execution attack...

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2024-1084)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1060)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2023-408)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-408 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

AZL-34795 CVE-2023-4692 affecting package grub2 for versions less than 2.06-18

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...

UBUNTU-CVE-2023-4692

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...

SUSE CVE-2016-6328

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service DoS and Information Disclosure disclosing some critical heap chunk metadata, even other applications' private data...

SUSE CVE-2021-3682

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free with faked heap chunk...

OpenImageIO RLA format rle span out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1629 OpenImageIO RLA format rle span out-of-bounds read vulnerability December 22, 2022 CVE Number CVE-2022-36354 SUMMARY A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More...

QEMU: usbredir: free() call on invalid pointer in bufp_alloc()

A flaw was found in the USB redirector device emulation of QEMU. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free with faked heap chunk metadata, resulting in a crash ...

OESA-2021-1316 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packe...

AZL-6830 CVE-2021-3682 affecting package qemu for versions less than 6.2.0-2

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free with faked heap chunk...

CVE-2021-34380

Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot...

NVIDIA MB2 缓冲区错误漏洞

Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. NVIDIA MB2 suffers from a buffer error vulnerability that stems from the boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker could exploit the...

ALPINE-CVE-2016-6328

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service DoS and Information Disclosure disclosing some critical heap chunk metadata, even other applications' private data...