Lucene search
K

18 matches found

OSV
OSV
added 2026/05/05 8:27 a.m.8 views

CLSA-2026-1777969446 binutils: Fix of 8 CVEs

CVE-2021-45078: fix heap-based buffer overflow in stabxcoffbuiltintype - CVE-2021-46174: fix buffer overflow in readsectionstabsdebugginginfo - CVE-2022-44840: fix heap buffer overflow in findsectioninset - CVE-2022-45703: fix heap buffer overflow in displaygdbindex - CVE-2022-47695: fix...

7.8CVSS7AI score0.01312EPSS
Exploits8References1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an exception in the RCU read section where the cachestat function is refreshing statistics...

5.5CVSS6.6AI score0.00288EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/03 2:9 a.m.3 views

SUSE CVE-2024-27053

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ 333 N...

3.3CVSS6.3AI score0.01635EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.4 views

The vulnerability of the read_section function in the dwarf2.c component of the GNU Binutils development environment allows a hacker to induce a service failure.

The vulnerability of the readsection function in the dwarf2.c component of the GNU Binutils development environment relates to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to cause a service failure by using a specially created ELF file...

7.8CVSS7AI score0.01555EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/21 12:0 a.m.4 views

The vulnerability of the read_section() function in the dwarf2.c component of the GNU Binutils development environment allows a hacker to induce a service failure.

The vulnerability of the readsection function in the dwarf2.c component of the GNU Binutils development environment is related to insufficient input data validation. Exploiting this vulnerability allows an attacker who operates remotely to trigger a service failure using a specially created file...

7.1CVSS6.6AI score
Exploits0References7Affected Software3
OSV
OSV
added 2021/10/28 10:12 p.m.7 views

CLSA-2021-1635459149 Fix CVE(s): CVE-2021-3487

SECURITY UPDATE: - CVE-2021-3487.patch: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection. - CVE-2021-3487...

6.8AI score
Exploits0References1
OSV
OSV
added 2021/10/05 2:7 p.m.4 views

CLSA-2021-1633442827 Fix of CVE: CVE-2021-3487

CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection...

6.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/08/19 12:0 a.m.3 views

The vulnerability in the implementation of the read_section_as_string() function of the Grub2 operating system allows a attacker to influence data integrity or cause service failures.

The vulnerability of the readsectionasstring function in the Grub2 operating system’s loader is related to the issue of data operations going beyond the buffer boundaries. This is because the maximum length of a UINT32MAX is 1 byte. Exploiting this vulnerability could allow an attacker to influen...

5.1CVSS6.9AI score0.00478EPSS
Exploits0References12Affected Software6
RedHat Linux
RedHat Linux
added 2020/08/03 12:15 p.m.3 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/03 12:6 p.m.3 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
CNVD
CNVD
added 2020/08/03 12:0 a.m.1 views

grub2 heap buffer overflow vulnerability (CNVD-2020-45111)

GRUB2 is a bootloader. A heap buffer overflow vulnerability exists in the readsectionasstring function in grub2 versions prior to 2.06. An attacker can exploit this vulnerability to cause an arithmetic overflow and zero-size allocation via a malicious font file with the name UINT32MAX, which can...

6CVSS9.5AI score0.00478EPSS
Exploits0References1
OSV
OSV
added 2020/07/31 10:15 p.m.2 views

ALPINE-CVE-2020-14310

There is an issue on grub2 before version 2.06 at function readsectionasstring. It expects a font name to be at max UINT32MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a...

6CVSS7.1AI score0.00478EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/29 7:42 p.m.5 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/29 6:34 p.m.4 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
OSV
OSV
added 2020/07/29 5:0 p.m.1 views

UBUNTU-CVE-2020-14310

There is an issue on grub2 before version 2.06 at function readsectionasstring. It expects a font name to be at max UINT32MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a...

6CVSS7.2AI score0.00478EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/07/29 12:0 a.m.8 views

PT-2020-3622 · Gnu +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: The issue is related to the read section as string function, which expects a font name to be at most UINT32 MAX - 1 length in bytes but does not verify it before proceeding with buffer allocation. Thi...

8.2CVSS7.5AI score0.01738EPSS
Exploits2References152
OSV
OSV
added 2017/09/04 8:29 p.m.2 views

DEBIAN-CVE-2017-14129

The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...

5.5CVSS6.4AI score0.01555EPSS
Exploits0References1
OSV
OSV
added 2009/05/22 11:52 a.m.2 views

DEBIAN-CVE-2009-1755

Off-by-one error in the packetreadquerysection function in packet.c in nsd 3.2.1, and processquerysection in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow...

5CVSS8.2AI score0.03157EPSS
Exploits0References1
Rows per page
Query Builder