CVE-2018-14612

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfsreadblockgroups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks i...

CVE-2018-14609

CVE-2018-14609 affects the Linux kernel (up to 4.17.10) with an invalid pointer dereference in __del_reloc_root() of fs/btrfs/relocation.c when mounting a crafted Btrfs image. The issue is triggered by removing reloc rb_trees when reloc control has not been initialized, leading to potential denia...

CVE-2018-14612

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfsreadblockgroups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks i...

CVE-2018-14613

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in ioctlmappage when mounting and operating a crafted btrfs image, because of a lack of block group item validation in checkleafitem in fs/btrfs/tree-checker.c...

CVE-2018-14609

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in delrelocroot in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rbtrees when reloc control has not been initialized...

Linux kernel invalid pointer dereference vulnerability (CNVD-2018-24481)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'btrfsrootnode' function in Linux kernel version 4.17.10 and earlier. An attacker can exploit this vulnerability to cause a deni...

CVE-2018-14612

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfsrootnode when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfsreadblockgroups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks i...

Linux kernel invalid pointer dereference vulnerability (CNVD-2018-24480)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'delrelocroot' function of the fs/btrfs/relocation.c file in Linux kernel versions 4.17.10 and earlier, where the vulnerable...

Memory Read Out-of-Bounds Vulnerability in TAS SG2 Software

Taian Technology Wuxi Co., Ltd. manufactures, sells and develops a range of industrial control and low voltage electrical and power distribution products, i.e. electronic and component products. A memory read out-of-bounds vulnerability exists in the SG2 software of Taian Technology. The...

CVE-2017-2668

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

CVE-2017-2668

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

Updated exempi package fixes security vulnerabilities

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in PostScriptHandler.cpp CVE-2018-7729. An issue was discovered in Exempi through 2.4.4. WEBPSupport.cpp does not check whether a bitstream has a NULL value,...

oniguruma: Invalid pointer dereference in left_adjust_char_head()

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

DEBIAN-CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

CVE-2016-9570

cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service out-of-bounds read, invalid pointer dereference, and application crash by leveraging access to the NetMon named pipe...

CVE-2016-9570

The CVE-2016-9570 entry concerns Carbon Black (cb.exe) version 5.1.1.60603. It describes a denial-of-service condition caused by an out-of-bounds read, an invalid pointer dereference, and application crash when an attacker gains access to the NetMon named pipe. This is a network-accessible issue ...

flash-plugin: out-of-bounds read causing information leak (APSB18-01)

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid out-of-range pointer offset during access of internal data structure fields causes...