841 matches found
ALPINE-CVE-2018-6543
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section in objdump.c, which results in malloc with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
DEBIAN-CVE-2018-6543
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section in objdump.c, which results in malloc with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
Integer overflow
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section in objdump.c, which results in malloc with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
CVE-2018-6543
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section in objdump.c, which results in malloc with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
Ubuntu 14.04 LTS / 16.04 LTS : GNU C Library vulnerabilities (USN-3534-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3534-1 advisory. It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local...
Linux/x86-64 - sys_access() Egghunter Shellcode (49 bytes)
; Author Doreth.Z10 ; ; Linux x86-64 Egghunter using sys_access ; Shellcode size 49 bytes ; global start section .text start: xor rsi, rsi ; Some prep junk. push rsi pop rdx push 8 pop rbx goendofpage: or dx, 0xfff ; We align with a page size of 0x1000 nextbyte: inc rdx ; next byte offset push 21 p...
Fedora 27 : glibc (2017-fb5e227432)
This update fixes minor security bugs CVE-2017-17426, CVE-2017-15804, contains single-threaded optimizations for malloc, and increases compatibility with IBM POWER 9 hardware. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...
Updated curl packages fix security vulnerability
If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. The issue pertains to the function that loads cookies into memory, which reads the specified file...
CVE-2017-17426
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature...
GNU C Library integer overflow vulnerability (CNVD-2018-00256)
The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. An integer overflow vulnerability exists in the 'malloc' function in version 2.26 of the GNU C Library, which stems from the program returning a small block of memory. No information...
Integer overflow
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature...
CVE-2017-17426
CVE-2017-17426 affects the GNU C Library (glibc/libc6) up to version 2.26. The heap overflow arises from an integer overflow check missing in the per-thread cache (tcache) path when allocating an object near SIZE_MAX, potentially allowing code execution. Exploitation details are not provided in t...
CVE-2017-17426
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature...
UBUNTU-CVE-2017-17426
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature...
FreeBSD : varnish -- information disclosure vulnerability (17133e7e-d764-11e7-b5af-a4badb2f4699)
Varnish reports: A wrong if statement in the varnishd source code means that synthetic objects in stevedores which over-allocate, may leak up to page size of data from a malloc(3) memory allocation.
SWFTools Denial of Service Vulnerability (CNVD-2017-37437)
SWFTools is a utility toolset for working with Adobe Flash files (SWF files). A security vulnerability exists in the 'wav_convert2mono' function in the lib/wav.c file in SWFTools version 0.9.2, which stems from the program's failure to properly restrict multiplication in malloc calls. The...
CVE-2017-16868
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service (integer overflow and NULL pointer dereference) via a crafted WAV file...
Integer overflow
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference...
CVE-2017-13136
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference...
CVE-2017-13136
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference...