CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

The vulnerability of Linux operating system kernels, related to pointer arithmetic errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Linux operating system kernels is related to pointer arithmetic errors. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of SELinux’s access control system in the Linux operating system allows a perpetrator to trigger a service failure.

The vulnerability of SELinux’ access control system in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the jp2_decode function (libjasper/jp2/jp2_dec.c) in the JasPer library allows a hacker to induce a service failure.

The vulnerability of the jp2decode function libjasper/jp2/jp2dec.c in the JasPer library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the w5864handle_frame() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the w5864handleframe function located in the drivers/media/pci/tw5864/tw5864-video.c file in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the Linux operating system’s kernel, related to a pointer dereferencing error, allows attackers to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to a pointer arithmetic error. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the `ovl_posix_acl_create` function in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the ovlposixaclcreate function located in fs/overlayfs/dir.c in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the RESTCONF and NETCONF-YANG protocols implemented in the Cisco IOS XE operating system allows a attacker to cause service interruptions.

The vulnerability of the RESTCONF and NETCONF-YANG protocols implemented by the Cisco IOS XE operating system is related to errors in pointer arithmetic. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the sf_write_int function in the libsndfile library, which allows a hacker to cause a service failure.

The vulnerability of the sfwriteint function in the libsndfile library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

The vulnerability of the uar_read and uar_write functions in the PVRDMA virtual network adapter emulator for hardware emulation software QEMU allows a hacker to induce a service failure.

The vulnerability of the uarread and uarwrite functions in the PVRDMA virtual network adapter emulator for hardware emulation software QEMU is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

EulerOS Virtualization 3.0.6.0 : zlib (EulerOS-SA-2020-1741)

According to the versions of the zlib packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...

The vulnerability of the rpcapd/daemon.c component in the libpcap library allows a hacker to trigger a service failure.

The vulnerability of the rpcapd/daemon.c component in the libpcap library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

The vulnerability of the functions ov511_mode_init regs and ov518_mode_init regs in the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the functions ov511modeinit regs and ov518modeinit regs drivers/media/usb/gspca/ov519.c in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

EulerOS Virtualization for ARM 64 3.0.2.0 : zlib (EulerOS-SA-2020-1556)

According to the version of the zlib packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...

The vulnerability of the SeekPercent function in the VideoLAN VLC media player’s demux/asf.c file allows a hacker to cause a service failure.

The vulnerability of the SeekPercent function in the VideoLAN VLC media player’s demux/asf.c file is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service failure remotely...

CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...

USN-4292-1 rsync vulnerabilities

It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that rsync incorrectly handled vectors...

Ubuntu: Security Advisory (USN-4292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4246-1: zlib vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-984...

Debian DLA-2085-1 : zlib security update

Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointer arithmetic. For Debian 8 'Jessie', these problems have been fixed in version 1:1.2.8.dfsg-2+deb8u1. We recomme...