CVE-2024-35823 vt: fix unicode buffer corruption when deleting characters

In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 "vt: fix memory overlapping when deleting chars in the buffer". The cure is also the...

CVE-2024-35823

CVE-2024-35823: Linux kernel vt buffer corruption when deleting characters has been fixed. Root cause: overlapping buffers in VT text handling; solution: replace memcpy() with memmove() (same approach as VGA text buffer fix). Affected component: vt in the Linux kernel. Remediation: upgrade to a k...

DEBIAN-CVE-2022-48627

In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scrmemcpyw is optimized to memcpy because memcpy...

DEBIAN-CVE-2023-52497

In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...

CLSA-2023-1695326199 lz4: Fix of CVE-2021-3520

CVE-2021-3520: Fix potential memory corruption with negative memmove size...

Denial Of Service (DoS)

libbzip3.so is vulnerable to Denial of Service DoS. The vulnerability exists in bz3decodeblock function of libbz3.c due to an invalid memmove causing an application crash...

CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

DEBIAN-CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

UBUNTU-CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

Code injection

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

CVE-2023-29420

CVE-2023-29420 affects libbzip3.a in bzip3, with a crash caused by an invalid memmove in bz3_decode_block present in versions before 1.2.3. The issue enables a NETWORK attack with LOW complexity and requires user interaction, yielding HIGH impact to availability and MEDIUM overall severity (CVSS ...

CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

PT-2023-22248 · Bzip3 · Bzip3

Name of the Vulnerable Software and Affected Versions: bzip3 versions prior to 1.2.3 Description: An issue was discovered in libbzip3.a. There is a crash caused by an invalid memmove in bz3 decode block. Recommendations: For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the...

CVE-2023-29420

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

Amazon Linux 2023 : lz4, lz4-devel, lz4-libs (ALAS2023-2023-015)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-015 advisory. There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument,...

K13255123: glibc vulnerability CVE-2017-18269

Security Advisory Description An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of t...

SUSE CVE-2008-1367

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

SUSE CVE-2017-18269

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...