97 matches found

Tenable Nessus
added 2023/10/05 12:0 a.m. · 106 views

RHEL 8 : glibc (RHSA-2023:5455)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5455 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name...

7.8 CVSS · 7.3 AI score · 0.6505 EPSS
Exploits: 26 · References: 10

OpenVAS
added 2023/09/28 12:0 a.m. · 23 views

Mageia: Security Advisory (MGASA-2023-0270)

The remote host is missing an update for the...

6.5 CVSS · 7.2 AI score · 0.01895 EPSS
Exploits: 1 · References: 3

Cvelist
added 2023/09/18 4:32 p.m. · 32 views

CVE-2023-4527 Glibc: stack read overflow in getaddrinfo in no-aaaa mode

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5 CVSS · 7.1 AI score · 0.00112 EPSS
Exploits: 1 · References: 4

Vulnrichment
added 2023/09/18 4:32 p.m. · 9 views

CVE-2023-4527 Glibc: stack read overflow in getaddrinfo in no-aaaa mode

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5 CVSS · 6.7 AI score · 0.00112 EPSS
Exploits: 1 · References: 4

OSV
added 2023/03/25 12:15 a.m. · 5 views

AZL-31201 CVE-2023-25659 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger a stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

7.5 CVSS · 6.6 AI score · 0.00204 EPSS
Exploits: 0 · References: 1

SUSE CVE
added 2023/02/15 5:37 a.m. · 1 views

SUSE CVE-2013-3224

The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9 CVSS · 6 AI score · 0.00106 EPSS
Exploits: 0 · References: 11

SUSE CVE
added 2023/02/15 4:54 a.m. · 2 views

SUSE CVE-2016-10195

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read...

9.8 CVSS · 9.1 AI score · 0.05932 EPSS
Exploits: 1 · References: 9

SUSE CVE
added 2023/02/15 4:46 a.m. · 1 views

SUSE CVE-2017-7890

The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read 700 bytes from the top of the...

5.3 CVSS · 6.8 AI score · 0.30217 EPSS
Exploits: 0 · References: 11

Positive Technologies
added 2022/01/11 12:0 a.m. · 8 views

PT-2022-13245 · Htmldoc +4 · Htmldoc +4

Name of the Vulnerable Software and Affected Versions: htmldoc version 1.9.15. Description: A vulnerability was found in htmldoc where the stack out-of-bounds read takes place in the gif_get_code function and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault)...

9.8 CVSS · 6.6 AI score · 0.05615 EPSS
Exploits: 19 · References: 87

OSV
added 2021/12/06 3:16 p.m. · 1 views

CLSA-2021-1638803819 Fix of 56 CVEs

CVE-2017-7223: Fix global buffer overflow of size 1 - CVE-2017-7224: Fix invalid write of size 1 while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow -...

9.8 CVSS · 7.1 AI score · 0.04256 EPSS
Exploits: 13 · References: 1

Positive Technologies
added 2021/04/29 12:0 a.m. · 2 views

PT-2021-8038 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc6+. Description: The vulnerability is related to a stack out-of-bounds read in the sch_frag function when fragmenting IPv4 packets. This occurs when act_mirred tries to fragment IPv4 packets that had bee...

9.4 CVSS · 6.5 AI score · 0.00018 EPSS
Exploits: 0 · References: 14

Positive Technologies
added 2021/04/28 12:0 a.m. · 1 views

PT-2021-8274 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc6+. Description: The vulnerability is related to a stack out-of-bounds read in the ip_do_fragment function when fragmenting IPv4 packets. This occurs when the ovs_fragment function uses a temporary struc...

9.8 CVSS · 6.6 AI score · 0.0072 EPSS
Exploits: 16 · References: 1331

Tenable Nessus
added 2019/05/28 12:0 a.m. · 29 views

SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2019:1339-1)

This update for bluez fixes the following issues. Security vulnerability addressed: CVE-2016-9797: Fixed a buffer over-read in l2cap_dump (bsc#1013708). CVE-2016-9798: Fixed a use-after-free in conf_opt (bsc#1013712). CVE-2016-9917: Fixed a heap-based buffer overflow in read_n (bsc#1015171). CVE-2016-9802:...

7.5 CVSS · 6.4 AI score · 0.00489 EPSS
Exploits: 5 · References: 16

Amazon
added 2019/03/21 12:0 a.m. · 66 views

Medium: binutils

Issue Overview: The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue...

7.8 CVSS · 8.8 AI score · 0.01475 EPSS
Exploits: 9

OSV
added 2019/03/08 11:29 p.m. · 1 views

CVE-2019-8277

UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...

7.5 CVSS · 7.1 AI score
Exploits: 0 · References: 6

Veracode
added 2019/01/15 9:16 a.m. · 26 views

Arbitrary Code Execution

firefox and thunderbird are vulnerable to arbitrary code execution attacks. The vulnerability exists as the name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds...

9.8 CVSS · 9.7 AI score · 0.05932 EPSS
Exploits: 3 · References: 18 · Affected Software: 2

CNVD
added 2018/06/13 12:0 a.m. · 2 views

Schneider Electric U.motion Builder Buffer Overflow Vulnerability

U.motion Builder is a builder product from Schneider Electric France. The Schneider Electric U.motion Builder suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code, read the stack or cause a segmentation error in a running application...

9.8 CVSS · 7.5 AI score · 0.00744 EPSS
Exploits: 0 · References: 1

RedHat Linux
added 2018/05/03 5:6 a.m. · 3 views

oniguruma: Out-of-bounds stack read in mbc_enc_len() during regular expression searching

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer...

9.8 CVSS · 7.2 AI score · 0.00454 EPSS
Exploits: 1 · References: 4

OSV
added 2017/12/27 5:8 p.m. · 3 views

CVE-2017-17857

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations...

7.8 CVSS · 7.7 AI score
Exploits: 0 · References: 3

NVD
added 2017/12/27 5:8 p.m. · 11 views

CVE-2017-17857

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations...

7.8 CVSS · 7.7 AI score · 0.00132 EPSS
Exploits: 0 · References: 3