CVE-2014-4715

Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted...

CVE-2014-4656

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to 1 index values in the sndctladd function and 2 numid values in the...

CVE-2014-4656

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to 1 index values in the sndctladd function and 2 numid values in the...

CVE-2014-4608

Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service memory corruption via a crafted Literal Run. NOTE: the author of the LZO...

CVE-2014-4656

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to 1 index values in the sndctladd function and 2 numid values in the...

UBUNTU-CVE-2014-4608

Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service memory corruption via a crafted Literal Run. NOTE: the author of the LZO...

PT-2014-1826 · Red Hat +5 · Red Hat +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.2 Red Hat Enterprise Linux affected versions not specified Description: The issue involves multiple integer overflows in the lzo1x decompress safe function in the LZO decompressor, which can be exploited by...

openSUSE Security Update : tiff (openSUSE-SU-2012:0829-1)

fixing multiple integer overflows : - CVE-2012-2113 bnc767852 - CVE-2012-2088 bnc767854 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-361. The text description of this plugin...

openSUSE Security Update : Mesa (openSUSE-2013-366)

This Mesa update fixes the following security bug: CVE-2013-1993: Integer overflows in XF86DRIOpenConnection and XF86DRIGetClientDriverName were fixed that could lead to client crashes when using a malicious X server. This update fixes the following issue for Mesa on openSUSE 12.3 : - bnc814947,...

openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable 'customdebug' file, allowing local privilege escalation. CVE-2010-4258: A local attack...

openSUSE Security Update : gimp (openSUSE-SU-2012:1080-1)

Multiple integer overflows in various decoder plug-ins of GIMP have been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-543. The text description of this plugin is C SUSE...

openSUSE Security Update : icedtea-web (openSUSE-SU-2011:0706-1)

Icedtea as included in java-160-openjdk was updated to fix several security issues : dbg114-icedtea-web-4788 icedtea-web-4788 newupdateinfo S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win dbg114-icedtea-web-4788 icedtea-web-4788...

GnuTLS and libtasn1 multiple security vulnerabilities

Buffer overflows, integer overflows, NULL pointer dereference...

CVE-2014-0211

Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow...

CVE-2014-0209

Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffe...

CVE-2014-0211

Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow...

CVE-2014-0209

Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffe...

CVE-2014-0209

Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffe...

[oss-security] CVE-2014-0222 Qemu: qcow1: Validate L2 table size

Hello, 'CVE-2014-0222' has been assigned to this issue. Too large L2 table sizes cause unbounded allocations. Images actually created by qemu-img only have 512 byte or 4k L2 tables. To keep things consistent with cluster sizes, allow ranges between 512 bytes and 64k in fact, down to 1 entry = 8...

CVE-2014-1741

CVE-2014-1741 refers to multiple integer overflow issues in Blink/Chromium, specifically in the CharacterData implementation (CharacterData.cpp) used by Chromium/Google Chrome prior to version 34.0.1847.137. The vulnerability arises from integer overflow in the DOM data handling (replace-data pat...