Amazon Linux 2023 : lz4, lz4-devel, lz4-libs (ALAS2023-2023-015)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-015 advisory. There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument,...

K13255123: glibc vulnerability CVE-2017-18269

Security Advisory Description An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of t...

SUSE CVE-2008-1367

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

SUSE CVE-2017-18269

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...

SUSE CVE-2018-19416

An issue was discovered in sysstat 12.1.1. The remapstruct function in sacommon.c has an out-of-bounds read during a memmove call, as demonstrated by sadf...

SUSE CVE-2019-6488

The string component in the GNU C Library aka glibc or libc6 through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for sizet in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in...

SUSE CVE-2019-16226

An issue was discovered in py-lmdb 0.97. mdbnodedel does not validate a memmove in the case of an unexpected node-mnhi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker...

SUSE CVE-2021-3520

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

Huawei EulerOS: Security Advisory for lz4 (EulerOS-SA-2023-1273)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : lz4 (EulerOS-SA-2023-1273)

According to the versions of the lz4 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer...

Amazon Linux 2022 : lz4, lz4-devel, lz4-libs (ALAS2022-2022-169)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-169 advisory. There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument,...

DEBIAN-CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

Code injection

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVE-2022-35024

CVE-2022-35024 affects OTFCC (OpenType font tooling library). A segmentation fault has been observed in commit 617837b when executing code paths involving /multiarch/memmove-vec-unaligned-erms.S. The available connected documents consistently cite a segmentation violation at that location as the ...

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

OTFCC 安全漏洞

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC has a security vulnerability that stems from a segmentation violation located at its /multiarch/memmove-vec-unaligned-erms.S. No detailed vulnerability details are currently available...

CVE-2022-35086

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...