AlmaLinux 8 : samba (ALSA-2022:7111)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7111 advisory. - A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing...

samba: server memory information leak via SMB1

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

GSD-2022-1005734 bpf: Don't use tnum_range on array range checking for poke descriptors

bpf: Don't use tnumrange on array range checking for poke descriptors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.140 by commit...

GSD-2022-1005015 bpf: Don't use tnum_range on array range checking for poke descriptors

bpf: Don't use tnumrange on array range checking for poke descriptors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...

The vulnerability of the SMB1 protocol implementation in the Samba network communication software allows a perpetrator to induce a service failure.

The vulnerability of the SMB1 protocol implementation in the Samba networking software lies in the fact that the operation values are written outside the buffer in memory during the range checking process. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

Input validation

Improper input and range checking in the AMD Secure Processor ASP boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution...

CVE-2021-26335

Improper input and range checking in the AMD Secure Processor ASP boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution...

CVE-2016-8437

Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR1009695...

CVE-2016-8437

Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR1009695...

CVE-2016-8437

CVE-2016-8437 describes an improper input validation in Android’s Access Control APIs, with the kernel 3.18 memory range check potentially mishandled. Affected product: Android (Kernel 3.18). Official description notes a memory-range check issue but does not provide exploit paths or a concrete fi...

SuSE 11.3 Security Update : binutils (SAT Patch Number 10214)

binutils has been updated to fix eight security issues : - Lack of range checking leading to controlled write in bfdelfsetupsections. CVE-2014-8485 - Invalid read flaw in libbfd. CVE-2014-8484 - Write to uninitialized memory in the PE parser. CVE-2014-8501 - Crash in the PE parser. CVE-2014-8502 ...

[SECURITY] [DSA 3111-1] cpio security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3111-1 [email protected] http://www.debian.org/security/ Michael Gilbert December 22, 2014 http://www.debian.org/security/faq -...

DSA-3111-1 cpio - security update

Bulletin has no description...

Debian Security Advisory DSA 3111-1 (cpio - security update)

Michal Zalewski discovered an out of bounds write issue in cpio, a tool for creating and extracting cpio archive files. In the process of fixing that issue, the cpio developers found and fixed additional range checking and null pointer dereference issues. OpenVAS Vulnerability Test $Id:...

Debian: Security Advisory (DSA-3111-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

binutils: multiple issues

CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...

arm-none-eabi-binutils: multiple issues

CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...

Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash

No description provided by source. Many shell users, and certainly a lot of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is that the tool simply scans t...

Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash

Exploit for linux platform in category dos / poc Many shell users, and certainly a lot of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is that the tool...

Linux Kernel 2.4.x/2.6.x Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12837/info The Linux kernel is reported prone to multiple vulnerabilities that occur because of range-checking flaws present in the ISO9660 handling routines. An attacker may exploit these issues to trigger kernel-based...