[SECURITY] [DLA 2085-1] zlib security update

Package : zlib Version : 1:1.2.8.dfsg-2+deb8u1 CVE ID : CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointe...

Ubuntu: Security Advisory (USN-4246-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4246-1: zlib vulnerabilities

It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...

USN-4246-1 zlib vulnerabilities

It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...

The vulnerability of the rds_tcp_kill_sock() function in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the rdstcpkillsock function in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability in the `fs/btrfs/volumes.c` function of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the fs/btrfs/volumes.c function in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure due to incorrect processing of finddevice...

EulerOS 2.0 SP5 : zlib (EulerOS-SA-2019-2704)

According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.CVE-2016-984...

The vulnerability of the hf_assembly function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.

The vulnerability of the hfassembly function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the boundaries of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a system failur...

The vulnerability of the sbrDecodeSingleFramePS function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to cause a service failure.

The vulnerability of the sbrDecodeSingleFramePS function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the bounds of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a syste...

The vulnerability of the nbd_genl_status function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the nbdgenlstatus function drivers/block/nbd in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially created application...

The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems, related to pointer arithmetic errors, allows a hacker to cause a service failure.

The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to cause service failures...

The vulnerability of the __strlen_sse2_pminub function in the infotocap utility from the ncurses-bin package allows a hacker to cause a service failure.

The vulnerability of the strlensse2pminub function located in the file sysdeps/x8664/multiarch/strlen-sse2-pminub.S:39 in the infotocap utility from the ncurses-bin package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to cause a system failure ...

The vulnerability of the gpg data encryption tool from the gnupg package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.

The vulnerability of the gpg data encryption tool from the gnupg package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to trigger a service failure, by passing a specially crafted file as an argument to the command line...

The vulnerability of the syntax analysis procedure for Python interpreter certificates allows attackers to trigger a service failure.

The vulnerability of the syntax analysis procedure for Python interpreter certificates is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

The vulnerability in the implementation of the NFS protocol in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the NFS protocol implementation in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of Linux operating system kernels, related to pointer arithmetic that goes beyond the allowed values, allows attackers to execute attacks through side channels.

The vulnerability of Linux operating systems’ kernels kernel/bpf/verifyier.c is related to an offset out of bounds. Exploiting this vulnerability could allow an attacker to execute attacks through secondary channels...

The vulnerability of the testcase_str2dep_complex function in the libsolv library, which allows a hacker to cause a service failure.

The vulnerability of the testcasestr2depcomplex function in the library libsolv ext/testcase.c is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the libsolv library, related to pointer dereferencing errors, allows a hacker to trigger a service failure.

The vulnerability of the testcaseread function in the libsolv library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service failures...

EulerOS Virtualization 2.5.3 : zlib (EulerOS-SA-2019-1276)

According to the versions of the zlib packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...

The vulnerability of the vcpu_scan_ioapic function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the vcpuscanioapic function arch/x86/kvm/x86.c in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure due to a system call to the Kernel-Based Virtual Machine KVM...