1716 matches found

CVE
added 2020/10/19 7:41 p.m. | 120 views

CVE-2020-24388

CVE-2020-24388 affects yubihsm-shell up to 2.0.2. The _send_secure_msg() function does not validate the embedded length field of a message from the device, enabling an oversized memcpy() that can crash the process and cause a denial of service. Public references in NVD, OSV, and YubiHSM disclosur...

7.5 CVSS | 7.2 AI score | 0.01733 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
Tenable Nessus
added 2020/09/29 12:00 a.m. | 43 views

EulerOS Virtualization for ARM 64 3.0.6.0 : glibc (EulerOS-SA-2020-2019)

According to the version of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling...

8.1 CVSS | 7.7 AI score | 0.05223 EPSS
Exploits: 0 | References: 2
Microsoft CVE
added 2020/09/25 7:00 a.m. | 2 views

An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy aka CID-3a9b153c5591.

...

7.1 CVSS | 8.2 AI score | 0.01228 EPSS
Exploits: 0
Microsoft CVE
added 2020/09/25 7:00 a.m. | 3 views

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy() this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

...

8.1 CVSS | 7 AI score | 0.05223 EPSS
Exploits: 0
Tenable Nessus
added 2020/09/08 12:00 a.m. | 50 views

EulerOS Virtualization for ARM 64 3.0.2.0 : glibc (EulerOS-SA-2020-1956)

According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write vulnerability was found in glibc when handling signal trampolines on PowerPC. The backtrace...

8.1 CVSS | 6.8 AI score | 0.05223 EPSS
Exploits: 0 | References: 3
OpenVAS
added 2020/08/31 12:00 a.m. | 25 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2020-1849)

The remote host is missing an update for the Huawei EulerOS...

8.1 CVSS | 8.1 AI score | 0.05223 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2020/08/28 12:00 a.m. | 32 views

EulerOS 2.0 SP8 : glibc (EulerOS-SA-2020-1849)

According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets tha...

8.1 CVSS | 7.9 AI score | 0.05223 EPSS
Exploits: 0 | References: 2
OSV
added 2020/08/27 12:00 a.m. | 8 views

OSV-2020-1668 Memcpy-param-overlap in ot::Message::Write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25226 Crash type: Memcpy-param-overlap Crash state: ot::Message::Write ot::Message::CopyTo ot::Ip6::Ip6::InsertMplOption...

7.2 AI score
Exploits: 0 | References: 1
ossfuzz
added 2020/08/26 12:26 p.m. | 17 views

openthread:ncp-uart-received-fuzzer: Memcpy-param-overlap in ot::Message::Write

Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5748343379329024 Project: openthread Fuzzing Engine: honggfuzz Fuzz Target: ncp-uart-received-fuzzer Job Type: honggfuzzasanopenthread Platform Id: linux Crash Type: Memcpy-param-overlap Crash...

6.8 AI score
Exploits: 0 | Affected Software: 1
GithubExploit
added 2020/08/24 7:33 p.m. | 119 views

Exploit for Incorrect Calculation in Google Android

...

8.8 CVSS | 8.8 AI score | 0.05424 EPSS
Exploits: 8
RedHat Linux
added 2020/08/11 7:17 a.m. | 4 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1 CVSS | 7.4 AI score | 0.01228 EPSS
Exploits: 0 | References: 4
Veracode
added 2020/08/06 9:33 p.m. | 20 views

Integer Overflow

freerdp is vulnerable to Integer Overflow. The vulnerability is present because the input rectangles received from the server are not checked against local surface coordinates and are blindly accepted. This oversight allows an attacker to potentially crash the application by sending malicious dat...

3.5 CVSS | 4.8 AI score | 0.01466 EPSS
Exploits: 0 | References: 10 | Affected Software: 1
RedHat Linux
added 2020/07/29 8:57 p.m. | 2 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1 CVSS | 7.4 AI score | 0.01228 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2020/07/29 6:28 p.m. | 0 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1 CVSS | 7.4 AI score | 0.01228 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2020/07/29 6:21 p.m. | 1 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1 CVSS | 7.4 AI score | 0.01228 EPSS
Exploits: 0 | References: 4
BDU FSTEC
added 2020/07/29 12:00 a.m. | 1 views

The vulnerability of the memcpy function in the glibc library, which allows a hacker to execute arbitrary code in the context of a privileged process

The vulnerability of the memcpy function in the glibc library arises from an operation that occurs outside the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the privileged process context...

8.1 CVSS | 8.2 AI score | 0.05223 EPSS
Exploits: 0 | References: 9 | Affected Software: 4
UbuntuCve
added 2020/07/27 6:15 p.m. | 38 views

CVE-2020-15103

In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data th...

3.5 CVSS | 6.7 AI score | 0.01466 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2020/07/21 11:09 a.m. | 4 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1 CVSS | 7.4 AI score | 0.01228 EPSS
Exploits: 0 | References: 4
RedhatCVE
added 2020/07/20 6:37 p.m. | 29 views

CVE-2020-15103

In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data th...

3.5 CVSS | 2.5 AI score | 0.01466 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2020/07/20 12:00 a.m. | 37 views

Amazon Linux AMI : squid (ALAS-2020-1386)

The version of squid installed on the remote host is prior to 3.5.20-15.39. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1386 advisory. An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gai...

9.8 CVSS | 7.2 AI score | 0.74477 EPSS
Exploits: 1 | References: 9