5 matches found
CVE-2026-31636
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. bsc1234450 CVE-2024-47600: Fixed an out-of-bounds read in...
GO-2023-2074 Parser out-of-bounds read caused by a malformed markdown input in github.com/gomarkdown/markdown
Parser out-of-bounds read caused by a malformed markdown input in github.com/gomarkdown/markdown...
CVE-2017-1000128
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser...
Updated libxfont package fixes security vulnerabilities
The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures...