CVE-2017-0350

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges...

UBUNTU-CVE-2017-0350

All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used in an offset calculation may lead to denial of service or potential escalation of privileges...

DEBIAN-CVE-2017-8396

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that condu...

CVE-2014-9929

In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1007)

According to the version of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting...

ALPINE-CVE-2017-7705

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset...

UBUNTU-CVE-2017-7705

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset...

DEBIAN-CVE-2017-7705

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset...

DEBIAN-CVE-2016-5011

The parsedosextended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service memory consumption via a crafted MSDOS partition table with an extended partition boot record at zero offset...

CVE-2017-7301

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker ld program crash...

Buffer overflow

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker ld program crash...

Heap overflow

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...

DEBIAN-CVE-2017-7300

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...

CVE-2016-10253

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the...

CVE-2015-8981

Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to moffsets.size...

ALPINE-CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

DEBIAN-CVE-2017-6473

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets...

AZL-7268 CVE-2017-5835 affecting package libplist 2.1.0-4

libplist allows attackers to cause a denial of service large memory allocation and crash via vectors involving an offset size of zero...

DEBIAN-CVE-2017-5835

libplist allows attackers to cause a denial of service large memory allocation and crash via vectors involving an offset size of zero...

AZL-36955 CVE-2017-5835 affecting package libplist 2.7.0-1

libplist allows attackers to cause a denial of service large memory allocation and crash via vectors involving an offset size of zero...