38 matches found
CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
CVE-2018-10540
CVE-2018-10540 affects WavPack up to version 5.1.0 (W64 input). The vulnerability arises from ParseWave64HeaderConfig not validating unknown chunk sizes before memory allocation, combined with a lack of integer-overflow protection in a bytes_to_copy calculation and the subsequent malloc, which ca...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10538
The CVE-2018-10538 issue affects WavPack up to version 5.1.0 for WAV input, where ParseRiffHeaderConfig in riff.c may allocate insufficient memory due to not validating unknown chunk sizes and a vulnerable bytes_to_copy/malloc path. This can cause out-of-bounds writes and memory allocation errors...
CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10540
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...
CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
CVE-2017-16830
The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...
CVE-2017-16830
The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...
CVE-2017-16830
The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...
CVE-2017-16830
The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...
Integer overflow
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...
CVE-2014-9799
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...