Apple DCERPC presentation result list out of bounds memory access

Talos Vulnerability Report TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-23539 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in DCERPC library as...

Exploit for Race Condition in Qualcomm Apq8053_Firmware

Fork My adaptation for the SM-F926U from the original exploit...

CVE-2023-22387 Use of Out-of-range Pointer Offset in Qualcomm IPC

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption...

ROS-20230616-03

Vim text editor vulnerability is related to using pointer offset outside the allowed range in mbcharlen function in mbyte.c. range in the mbcharlen function in mbyte.c. Exploitation of the vulnerability could allow an attacker, remotely, trick the victim into opening a specially crafted file and...

glib2 资源管理错误漏洞

glib2 is a general-purpose, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, main loop abstractions, and more. A resource management error vulnerability exists in glib2, which stems from a timeout due t...

Amazon Linux AMI : vim (ALAS-2023-1761)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1761 advisory. Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. CVE-2023-2426 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 Integer...

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access.

...

Important: vim

Issue Overview: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. CVE-2023-2426 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. CVE-2023-2610...

CVE-2023-32636

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

UBUNTU-CVE-2023-32636

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

CVE-2023-32636

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

SUSE CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

CBL Mariner 2.0 Security Update: vim (CVE-2023-2426)

The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2426 advisory. - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. CVE-2023-2426 Note that Nessu...

Mageia: Security Advisory (MGASA-2023-0192)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

Out-of-bounds

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

UBUNTU-CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

Updated vim packages fix security vulnerability

Use of Out-of-range Pointer Offset in GitHub repository vim/vim. CVE-2023-2426...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.3.3, which stems from ext4groupdesccsum failing to properly check offsets. An attacker could exploit the...

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...