EUVD-2017-15989
Malware in sbrugna...
Debian DLA-908-1 : chicken security update
It was found that CHICKEN did not sanitize the size argument when allocating SRFI-4 vectors, which could lead to segfaults or buffer overflows with some sizes. For Debian 7 'Wheezy', these problems have been fixed in version 4.7.0-1+deb7u2. We recommend that you upgrade your chicken packages. NOT...
CVE-2017-6949
An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc. With an unexpected size, the impact may have been a segfault ...
Buffer overflow
An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc. With an unexpected size, the impact may have been a segfault ...
CVE-2017-6949
CVE-2017-6949 affects CHICKEN Scheme up to version 4.12.0. A nonstandard CHICKEN extension allocates an SRFI-4 vector in unmanaged memory, and the vector size is passed to malloc() without sanitisation. An unexpected size can lead to a segfault or a buffer overflow. The connected documents refere...
chicken -- multiple vulnerabilities
CHICKEN reports: CVE-2017-6949: Unchecked malloc call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault; CVE-2017-9334: "length" crashes on improper lists; CVE-2017-11343: The randomization factor of the symbol table was set before...
CVE-2014-3776
Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argumen...
CVE-2014-3776
CVE-2014-3776 affects CHICKEN: a buffer overflow in the read-u8vector! procedure of the srfi-4 unit allows a remote attacker to trigger memory corruption, potentially crash the application or execute code via a malformed NUM argument. Impact is described as memory corruption and possible arbitrar...