CVE-2024-25388

drivers/wlan/wlanmgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow...

CVE-2024-25388

drivers/wlan/wlanmgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow...

CVE-2024-25388

RT-Thread vulnerability CVE-2024-25388 affects the wlan_mgmt,c driver in RT-Thread up to version 5.0.2. The issue is an integer signedness error that enables a heap/buffer overflow. Affected component: drivers/wlan/wlan_mgmt,c. The impact is a buffer overflow as stated in multiple sources. Remedi...

PT-2024-20912 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: The issue is related to an integer signedness error and resultant buffer overflow in the drivers/wlan/wlan mgmt,c component. Recommendations: For RT-Thread versions through 5.0.2, update to a...

CVE-2023-40238

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

Integer overflow

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

CVE-2023-40238

CVE-2023-40238 is a LogoFAIL issue in the InsydeH2O firmware, specifically in the BmpDecoderDxe module. The root cause is an integer signedness error involving PixelHeight and PixelWidth during RLE4/RLE8 compression, which can allow crafted BMP logo data to copy into a target address during the D...

CVE-2023-40238

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVE-2023-44466

CVE-2023-44466 is described as a Linux kernel issue in net/ceph/messenger_v2.c (before 6.4.5) with a signedness error that enables a buffer overflow and remote code execution via HELLO or AUTH frames, caused by an untrusted length from a TCP packet in ceph_decode_32. The Connected documents reite...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVE-2023-44466

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

Oracle Linux 7 : ELSA-2017-1308-1: / kernel (ELSA-2017-13081)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-13081 advisory. - The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to...

Debian: Security Advisory (DLA-545-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K21336065: GD Graphics Library vulnerability CVE-2016-8670

Security Advisory Description Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly hav...

K47009044: FreeBSD vulnerability CVE-2016-1887

Security Advisory Description Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen...

K68609614: Linux kernel vulnerability CVE-2011-0699

Security Advisory Description Integer signedness error in the btrfsioctlspaceinfo function in the Linux kernel 2.6.37 allows local users to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted slot value. CVE-2011-0699 Impact There is no...

SUSE CVE-2009-0388

Multiple integer signedness errors in 1 UltraVNC 1.0.2 and 1.0.5 and 2 TightVnc 1.3.9 allow remote VNC servers to cause a denial of service heap corruption and application crash or possibly execute arbitrary code via a large length value in a message, related to the a...

SUSE CVE-2011-1471

Integer signedness error in zipstream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service CPU consumption via a malformed archive file that triggers errors in zipfread function calls...