K45501314: Linux kernel vulnerability CVE-2019-20636

Security Advisory Description In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by inputsetkeycode, aka CID-cb222aed03d7. CVE-2019-20636 Impact A local user with root access can insert garbage to this keycode table that...

kernel-rt security and bug fix update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

Google Android 缓冲区错误漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Google Android hid input.c suffers from an elevation of privilege vulnerability. An attacker can exploit this vulnerability to escalate privileges...

EulerOS 2.0 SP8 : tmux (EulerOS-SA-2020-2537)

According to the version of the tmux package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by...

Stack overflow

In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output...

CVE-2020-27347

In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output...

CVE-2020-27347

tmux prior to 3.1c is affected by a stack-based buffer-overflow in input_csi_dispatch_sgr_colon() of input.c, exploitable via terminal output. The CVE-2020-27347 issue is described across multiple advisories as affecting tmux versions before 3.1c; remediation is to upgrade to tmux 3.1c or newer (...

Out-Of-Bounds Write

Linux kernel is vulnerable to an out-of-bounds write. Crafted keycode table in drivers/input/input.c enables the possibility of an attack...

CVE-2020-27347

In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output...

CVE-2019-20636

In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by inputsetkeycode, aka CID-cb222aed03d7...

CVE-2019-20636

CVE-2019-20636 affects the Linux kernel prior to 5.4.12. The vulnerability is an out-of-bounds write in drivers/input/input.c via a crafted keycode table in input_set_keycode, enabling a local attacker with root privileges to corrupt memory and potentially execute arbitrary code or cause a denial...

CVE-2017-9129

The wavopenread function in frontend/input.c in Freeware Advanced Audio Coder FAAC 1.28 allows remote attackers to cause a denial of service large loop via a crafted wav file...

CVE-2017-9129

The CVE-2017-9129 vulnerability affects Freeware Advanced Audio Coder (FAAC) v1.28, where the wav_open_read function in frontend/input.c can be triggered by a specially crafted WAV file to cause a denial of service (large loop). This is documented across multiple sources (NVD/NASL/OSV and exploit...

CVE-2004-1267

Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file...