Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-1060)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Integer overflow in realloc call

Description Integer overflow in realloc and memcpy calls in coreanalgraphlabel. In the process of concatenating source lines based on DWARF data, the resulting size 32bit signed int can overflow. The sizes of the realloc and memcpy calls differ, and potentially can lead to writes in an unintended...

SUSE SLED12 / SLES12 Security Update : gstreamer-0_10-plugins-good (SUSE-SU-2022:3906-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3906-1 advisory. - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.30398)

The version of AHV installed on the remote host is prior to 20201105.30398. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.30398 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - In Expat...

CVE-2022-40762

A Memory Allocation with Excessive Size Value vulnerablity in the TEERealloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEERealloc with an excessive number for the parameter len...

PT-2022-25523 · Samsung · Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A Memory Allocation with Excessive Size Value issue in the TEE Realloc function allows a trusted application to trigger a Denial of Service DoS by invoking the function TEE Realloc with a...

SAMSUNG mTower 安全漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from an over-valued memory allocation in its TEERealloc function that allows a trusted application to trigger a denial of...

CVE-2022-1922

DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gstmatroskadecompressdata function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS...

Uncontrolled Memory Allocation in function lodepng_realloc

Description Uncontrolled Memory Allocation in function lodepngrealloc at lodepng/lodepng.c:86 Version git log commit 06bb36ae2c9b9074e9736a2e25845a2e789cc4e6 HEAD - master, origin/master, origin/HEAD Author: Hans Petter Jansson Date: Fri Jul 1 01:06:00 2022 +0200 POC ./tools/chafa/chafa...

Medium: expat

Issue Overview: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. CVE-2021-45960 Affected Packages: expat Issue Correction: Run yum update expat or y...

CVE-2022-20803

A vulnerability in the OLE2 file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a...

F5 Networks BIG-IP : Expat vulnerabilities (K91589041)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K91589041 advisory. CVE-2021-45960In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts...

Medium: expat

Issue Overview: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. CVE-2021-45960 Affected Packages: expat Note: This advisory is applicable to Amazon...

GSD-2022-1000313 libsubcmd: Fix use-after-free for realloc(..., 0)

libsubcmd: Fix use-after-free for realloc..., 0 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.268 by commit...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Expat vulnerabilities (USN-5288-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5288-1 advisory. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or...

Debian DLA-2904-1 : expat - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2904 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...

SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2022:0178-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0178-1 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead t...

SUSE-SU-2022:0178-1 Security update for expat

This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior bsc1194251. - CVE-2021-46143: Fixed integer overflow in mgroupSize in doProlog bsc1194362. - CVE-2022-22822: Fixed integer overflow in...

MGASA-2022-0031 Updated expat packages fix security vulnerability

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. CVE-2021-45960 In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow...

Denial Of Service (DoS)

expat is vulnerable to denial-of-service. The vulnerability exists in storeAtts function in xmlparse.c may lead to realloc misbehavior, allowing a malicious user to cause an application crash...