PT-2023-15713 · Google · Widevine Trusted Application

Name of the Vulnerable Software and Affected Versions: Widevine Trusted Application TA versions 5.0.0 through 5.1.1 Description: The issue is related to an integer overflow and resultant buffer overflow in the drm verify keys function, specifically with the total len+file name len calculation. Th...

SUSE CVE-2013-3076

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...

The Bluetooth subsystem in QEMU mishandles negative values for length variables leading to memory corruption.

...

Information Disclosure

kernel-rt is vulnerable to information disclosure. The vulnerability exists as the crypto API does not initialize certain length variables...

Memory corruption

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption...

CVE-2011-1710

Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service service crash or possibly execute arbitrary code via crafted header length variables...