PT-2024-20912 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: The issue is related to an integer signedness error and resultant buffer overflow in the drivers/wlan/wlan mgmt,c component. Recommendations: For RT-Thread versions through 5.0.2, update to a...

CVE-2023-40238

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

Integer overflow

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

CVE-2023-40238

CVE-2023-40238 is a LogoFAIL issue in the InsydeH2O firmware, specifically in the BmpDecoderDxe module. The root cause is an integer signedness error involving PixelHeight and PixelWidth during RLE4/RLE8 compression, which can allow crafted BMP logo data to copy into a target address during the D...

CVE-2023-40238

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVE-2023-44466

CVE-2023-44466 is described as a Linux kernel issue in net/ceph/messenger_v2.c (before 6.4.5) with a signedness error that enables a buffer overflow and remote code execution via HELLO or AUTH frames, caused by an untrusted length from a TCP packet in ceph_decode_32. The Connected documents reite...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

Oracle Linux 7 : ELSA-2017-1308-1: / kernel (ELSA-2017-13081)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-13081 advisory. - The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to...

K21336065: GD Graphics Library vulnerability CVE-2016-8670

Security Advisory Description Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly hav...

K47009044: FreeBSD vulnerability CVE-2016-1887

Security Advisory Description Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen...

K68609614: Linux kernel vulnerability CVE-2011-0699

Security Advisory Description Integer signedness error in the btrfsioctlspaceinfo function in the Linux kernel 2.6.37 allows local users to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted slot value. CVE-2011-0699 Impact There is no...

SUSE CVE-2013-4148

Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...

SUSE SLES15 Security Update : libostree (SUSE-SU-2022:3455-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3455-1 advisory. - Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attacke...

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2022-2306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2306)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables the...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2335)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables th...

Denial Of Service (DoS)

u-boot is vulnerable to denial of service. The vulnerability exists due to the integer signedness error, resulting stack stack-based buffer overflow in the i2c md command, which enables the corruption of the return address pointer of the doi2cmd function...