16 matches found
EUVD-2004-0109
Malware in sbrugna...
EUVD-2017-6003
Malware in sbrugna...
SUSE CVE-2017-14501
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
The vulnerability of the archive_read_format_iso9660_read_header function in the libarchive library allows a hacker to gain unauthorized access to information.
The vulnerability of the archivereadformatiso9660readheader function in the archivereadsupportformatiso9660.c library of the libarchive library is related to reading beyond the allowed boundaries. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to informati...
MGASA-2019-0074 Updated libarchive packages fix security vulnerability
libarchive contains an out-of-bounds read vulnerability in 7zip decompression, archivereadsupportformat7zip.c, headerbytes that can result in a crash denial of service. This attack appears to be exploitable via the victim opening a specially crafted 7zip file CVE-2019-1000019. libarchive contains...
Design/Logic Flaw
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards version v2.8.0 onwards contains a CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in ISO9660 parser, archivereadsupportformatiso9660.c, readCE/parserockridge that can result in DoS by infinite...
CVE-2017-14501
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3018-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3018-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-3020-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3020-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...
Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3016-3)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3016-3 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...
Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-3017-3)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3017-3 advisory. USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement H...
USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream -longterm 3.14.27 and fixes the following security issues: arch/x86/kernel/tls.c in the Thread Local Storage TLS implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier...
CVE-2004-0109
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry...
CVE-2004-0109
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry...
CVE-2004-0109
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry...