857 matches found

BDU FSTEC
added 2021/10/29 12:0 a.m. | 2 views

The vulnerability of the malloc() function in the Klibc environment library, related to integer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the malloc function in the Klibc environment library is related to integer overflow. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVSS 9.8 | AI score 7.8 | EPSS 0.02147
Exploits: 0 | References: 9 | Affected Software: 4

BDU FSTEC
added 2021/09/30 12:0 a.m. | 2 views

The vulnerability in the implementation of the malloc() function (source/ti/posix/freertos/memory.c) of the software development kit for microcontroller families SimpleLink (CC13XX, CC26XX, CC32XX, and MSP432E4) allows a malicious actor to execute arbitrary code or cause a service failure.

The vulnerability of the malloc function implementation source/ti/posix/freertos/memory.c in the software development kit for microcontroller families SimpleLink CC13XX, CC26XX, CC32XX, and MSP432E4 is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to execute...

CVSS 7.4 | AI score 7.8 | EPSS 0.00279
Exploits: 0 | References: 3 | Affected Software: 4

BDU FSTEC
added 2021/09/29 12:0 a.m. | 4 views

The vulnerability in the implementation of the malloc, realloc, and memalign functions of the Apache Nuttx operating system allows an attacker to cause a service failure or execute arbitrary code.

The vulnerability of the malloc, realloc, and memalign functions in the Apache Nuttx operating system arises due to integer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

CVSS 9.8 | AI score 8.2 | EPSS 0.05038
Exploits: 0 | References: 6 | Affected Software: 1

OpenVAS
added 2021/09/15 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for jbigkit (EulerOS-SA-2021-2390)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 6.8 | EPSS 0.02846
Exploits: 1 | References: 2

OpenVAS
added 2021/07/02 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for jbigkit (EulerOS-SA-2021-2074)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 6.8 | EPSS 0.02846
Exploits: 1 | References: 2

OpenVAS
added 2021/07/01 12:0 a.m. | 26 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2021-2003)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 | AI score 6.9 | EPSS 0.01922
Exploits: 0 | References: 2

NVD
added 2021/06/22 10:15 p.m. | 29 views

CVE-2021-34372

Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of...

CVSS 8.2 | EPSS 0.00256
Exploits: 0 | References: 1

Cvelist
added 2021/06/22 9:25 p.m. | 34 views

CVE-2021-34372

Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of...

CVSS 8.2 | AI score 8.8 | EPSS 0.00256
Exploits: 0 | References: 1

Huntr
added 2021/06/19 12:41 p.m. | 14 views

Heap-based Buffer Overflow in squell/id3

✍️ Description: While testing id3 built from commit 0de713 with Clang 13 + ASan on Ubuntu 20.04.2, we discovered a POC which triggers a heap-buffer-overflow in tag::unbinarize. This particular flaw was discovered with the help of honggfuzz. 🕵️‍♂️ Proof of Concept: echo...

Exploits: 0

Github Security Blog
added 2021/05/21 2:28 p.m. | 56 views

Integer overflow in TFLite memory allocation

Impact: The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issue: int TfLiteIntArrayGetSizeInBytes(int size) { static TfLiteIntArray dummy; return sizeof(dummy) + sizeof(dummy.data[0]) * size; } An attacker can craft a model such that the size multiplier is so large that the...

CVSS 7.1 | AI score 2.2 | EPSS 0.0022
Exploits: 1 | References: 8 | Affected Software: 3

PyPA
added 2021/05/14 8:15 p.m. | 6 views

PYSEC-2021-731

TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issue (https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can...

CVSS 7.1 | AI score 7.4 | EPSS 0.0022
Exploits: 1 | References: 2 | Affected Software: 1

PyPA
added 2021/05/14 8:15 p.m. | 4 views

PYSEC-2021-533

TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issue (https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can...

CVSS 7.1 | AI score 7.4 | EPSS 0.0022
Exploits: 1 | References: 2 | Affected Software: 1

Prion
added 2021/05/14 8:15 p.m. | 15 views

Integer overflow

TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issue (https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can...

CVSS 2.1 | AI score 5.6 | EPSS 0.0022
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2021/05/14 8:15 p.m. | 0 views

PYSEC-2021-731

TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issue (https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can...

CVSS 7.1 | AI score 6.2 | EPSS 0.0022
Exploits: 1 | References: 2

Debian CVE
added 2021/05/14 7:21 p.m. | 3 views

CVE-2021-29605

TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issue (https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can...

CVSS 7.1 | AI score 7.4 | EPSS 0.0022
Exploits: 1

OSV
added 2021/05/06 11:2 a.m. | 3 views

OESA-2021-1172 redis security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. Security Fixes: A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator oth...

CVSS 5.3 | AI score 7.1 | EPSS 0.01144
Exploits: 0 | References: 2

OSV
added 2021/04/30 6:15 a.m. | 22 views

CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

CVSS 9.8 | AI score 7.1
Exploits: 0 | References: 6

OSV
added 2021/04/30 6:15 a.m. | 1 views

DEBIAN-CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

CVSS 9.8 | AI score 9 | EPSS 0.02147
Exploits: 0 | References: 1

NVD
added 2021/04/30 6:15 a.m. | 17 views

CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

CVSS 9.8 | EPSS 0.02147
Exploits: 0 | References: 6

UbuntuCve
added 2021/04/30 6:15 a.m. | 30 views

CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

CVSS 9.8 | AI score 7.2 | EPSS 0.02147
Exploits: 0 | References: 4