git -- Heap overflow in `git archive`, `git log --format` leading to RCE

The git team reports: git log has the ability to display commits using an arbitrary format with its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators e.g., %, %, or % , an integer overflow can occur in...

GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities

The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...

EulerOS Virtualization 2.9.1 : gnutls (EulerOS-SA-2023-1192)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing...

Ubuntu 16.04 ESM : GnuTLS vulnerability (USN-5750-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5750-1 advisory. It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting i...

Integer overflow in realloc call

Description Integer overflow in realloc and memcpy calls in coreanalgraphlabel. In the process of concatenating source lines based on DWARF data, the resulting size 32bit signed int can overflow. The sizes of the realloc and memcpy calls differ, and potentially can lead to writes in an unintended...

OSV-2022-1195 Memcpy-param-overlap in repeat

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53626 Crash type: Memcpy-param-overlap Crash state: repeat repeat pere...

PT-2022-36780 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Memcpy-param-overlap, with a crash state involving repeat and p ere. No further details are provided...

Oracle Linux 9 : libtiff (ELSA-2022-8194)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8194 advisory. 4.4.0-2 - Update to version 4.4.0 - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909...

libtiff: Null source pointer lead to Denial of Service via crafted TIFF file

A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFReadDirectory in tifdirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service...

GSD-2022-1006617 riscv: mm: add missing memcpy in kasan_init

riscv: mm: add missing memcpy in kasaninit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...

CVE-2022-0324

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...

CVE-2022-0324

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...

Out-of-bounds

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...

CVE-2022-0324

CVE-2022-0324 describes a buffer overflow in the DHCPv6 packet parsing code within dhcp6relay. The connected documents specify that a remote attacker could craft a DHCPv6 packet to trigger an out-of-bounds memcpy write, causing dhcp6relay to crash and potentially shutdown the related DHCP relay d...

sonic-buildimage 安全漏洞

sonic-buildimage is an open source library for SONiC. Scripts to execute installable binary image builds for SONiC A security vulnerability exists in sonic-buildimage, which stems from a vulnerability in the DHCPv6 packet parsing code, which can be exploited by an attacker to craft a packet that...

PT-2022-34872 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to a missing memcpy in kasan init, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet been proven...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2780)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - nfslookupreply in net/nfs.c in Das U-Boot through 2022.04 and through 2022.07-rc2 has an unbounded memcpy with a failed length check, leadin...

libtiff: Denial of Service via crafted TIFF file

A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFFetchStripThing in tifdirread.c. This flaw allows an attacker with a crafted TIFF file to exploit this flaw, causing a crash and leading to a denial of service...

Debian dla-3152 : glibc-doc - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3152 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3152-1 [email protected]...

CVE-2022-36280

An out-of-bounds memory write vulnerability was found in the Linux kernel's vmwgfx driver in vmwkmscursorsnoop due to a missing check of a memcpy length. This flaw allows a local, unprivileged attacker with access to either the /dev/dri/card0 or /dev/dri/rendererD128 and able to issue an ioctl on...