2305 matches found
The vulnerability of the SELinux security mechanism, which allows a perpetrator to circumvent existing access restrictions
The vulnerability of the SELinux security mechanism is related to code errors. Exploiting this vulnerability can allow an attacker, who operates locally, to gain access to memory with write and execute privileges by manipulating system calls such as iosetup, ioctxalloc, and aiosetupring...
[slackware-security] x11
New x11 packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libX11-1.6.4-i586-1slack14.2.txz: Upgraded. Insufficient validation of data from the X server can cause o...
DLA-684-1 libx11 - security update
Bulletin has no description...
MGASA-2016-0349 The updated packages fix libtiff security vulnerabilities
The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. CVE-2015-7554 Heap-based buffer overflow in the...
The updated packages fix libtiff security vulnerabilities
The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. CVE-2015-7554 Heap-based buffer overflow in the...
F5 Networks BIG-IP : LibTIFF vulnerability (K38871451)
The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF. CVE-2015-7554 C Tenable Network Security, Inc. The descriptive text...
X.Org libXrender Denial of Service Vulnerability
X.Org libXrender is a lightweight library interface proprietary to the Render extension operated by the X.Org Foundation. A security vulnerability exists in X.Org libXrender, which can be exploited by an attacker to cause a denial of service out-of-bounds memory write...
X.Org libX11 Denial of Service Vulnerability
X.Org libX11 is an X11 X Window System client library run by the X.Org Foundation. A security vulnerability exists in X.Org libX11 1.6.3 and earlier versions that can be exploited by an attacker to cause a denial of service out-of-bounds memory read or write...
X.Org libX11 Denial of Service Vulnerability (CNVD-2016-08893)
X.Org libX11 is an X11 X Window System client library run by the X.Org Foundation. A security vulnerability exists in X.Org libX11, which can be exploited by an attacker to cause a denial of service out-of-bounds memory read or write...
MGASA-2016-0338 Updated openssl packages fix security vulnerabilities
Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic CVE-2016-2177. Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code CVE-2016-2178. Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS CVE-2016-2179,...
Updated openssl packages fix security vulnerabilities
Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic CVE-2016-2177. Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code CVE-2016-2178. Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS CVE-2016-2179,...
Debian Security Advisory DSA 3673-1 (openssl - security update)
Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/CVE-2016-2178 Cesar Pereida, Billy Brumley and...
SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2010-1)
This update for the Linux Kernel 3.12.51-5239 fixes several issues. The following security bugs were fixed : - CVE-2016-4470: The keyrejectandlink function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a...
DEBIAN-CVE-2016-6207
Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors...
CVE-2016-6207
Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors...
EUVD-2016-7140
Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors...
libtiff: Invalid-write in _TIFFVGetField() when parsing some extension tags
The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...
libtiff: Invalid-write in _TIFFVGetField() when parsing some extension tags
The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...
CVE-2016-6207
Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors...
CVE-2016-6207
Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors...