OSV-2021-203 Memcpy-param-overlap in flatview_write_continue

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29586 Crash type: Memcpy-param-overlap Crash state: flatviewwritecontinue flatviewwrite addressspacewrite...

Updated minidlna packages fix security vulnerabilities

It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...

Security update for gcc7 (moderate)

openSUSE Security Update: Security update for gcc7 Announcement ID: openSUSE-SU-2020:2300-1 Rating: moderate References: 1150164 1161913 1167939 1172798 1178577 1178614 1178624 1178675 Cross-References: CVE-2020-13844 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability a...

Security update for gcc7 (moderate)

openSUSE Security Update: Security update for gcc7 Announcement ID: openSUSE-SU-2020:2301-1 Rating: moderate References: 1150164 1161913 1167939 1172798 1178577 1178614 1178624 1178675 Cross-References: CVE-2020-13844 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability a...

Heap overflow

An out of bounds read on the encuntrustedinetntop function allows an attack to extend the result size that is used by memcpy to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4...

CVE-2020-8939

The CVE-2020-8939 issue concerns the Asylo project: an out-of-bounds read in the function enc_untrusted_inet_ntop can cause the result size to be extended, enabling memory reads from the enclave heap via memcpy. Affected component/version details are not explicitly enumerated beyond the commit re...

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in Google Asylo that stems from an...

SUSE-SU-2020:3749-1 Security update for gcc7

This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue bsc1172798 - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions...

Remote Code Execution (RCE)

MiniDLNA is vulnerable to remote code execution. An attacker is able to send a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

DEBIAN-CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

Buffer overflow

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

CVE-2020-11121

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X,...

CVE-2020-11121

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X,...

CVE-2020-11121

CVE-2020-11121 describes a possible buffer overflow in the WIFI HAL due to memcpy being used without checking the destination buffer length. Affected products include Qualcomm Snapdragon Auto, Compute, Industrial IOT, and Mobile platforms across multiple SoCs (e.g., QCM4290, QCS4290, QM215, QSM83...

librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow

An issue was discovered in amqphandleinput in amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTIONSTATEHEADER. A rogue server could return a malicious frame header that leads to a smaller targetsize value than needed...

CVE-2020-24388

An issue was discovered in the sendsecuremsg function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy call that will crash the running process. This could be used by an attacker ...

Denial of service

An issue was discovered in the sendsecuremsg function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy call that will crash the running process. This could be used by an attacker ...