6880 matches found
Moderate: Red Hat Security Advisory: libtiff security update
An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation eIBRS capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer RSB...
kernel: x86/speculation: Fill RSB on vmexit for IBRS
In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...
hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation eIBRS capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer RSB...
OSV-2022-1148 Stack-buffer-underflow in gs_type2_interpret
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53054 Crash type: Stack-buffer-underflow READ 4 Crash state: gstype2interpret gstype1glyphinfo pdficffglyphinfo...
Amazon Linux 2022 : libtiff, libtiff-devel, libtiff-static (ALAS2022-2022-183)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-183 advisory. Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available wi...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to stack-buffer overflow in the putepelhvfallback function in fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to a stack-buffer overflow in the putqpelfallback function of fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...
hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation eIBRS capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer RSB...
hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation eIBRS capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer RSB...
CVE-2022-43236
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43237
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43236
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43237
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43237
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43236
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
Stack overflow
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
Libde265 缓冲区错误漏洞
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.8, which originates from mcchroma in motion.cc contains a stack buffer overflow that can be exploited by an attacker to cause a denial of service DoS via a crafted video file...
CVE-2022-43236
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43236
Libde265 v1.0.8 contains a stack-buffer-overflow via put_qpel_fallback in fallback-motion.cc, enabling DoS with a crafted video file. Debian advisory DSA-5346-1 fixes this by upgrading libde265 to 1.0.11; monitor for updates from affected vendors (Astra/CLOUD Foundry entries also reference this C...