SUSE-SU-2021:0156-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash bsc1179103. - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel bsc1179202. - CVE-2020-25665: Fixed a heap-based buffer overflow in...

Backdoor.Win32.Mnets Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1e42493dcef54a62bc28e0a1338c1142.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mnets Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Proto Description: T...

OSV-2018-284 Stack-buffer-overflow in pdf_lookup_cmap_full

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494 Crash type: Stack-buffer-overflow WRITE 4 Crash state: pdflookupcmapfull pdfremapcmaprange pdfremapcmap...

Medium: tigervnc

Issue Overview: TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process...

Amazon Linux AMI : tigervnc (ALAS-2021-1470)

The version of tigervnc installed on the remote host is prior to 1.8.0-21.34. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1470 advisory. TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack...

OSV-2017-119 Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3376 Crash type: Stack-buffer-overflow READ 2 Crash state: ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId ot::NetworkData::Leader::HandleCommissioningSet ot::Coap::Coap::ProcessReceivedRequest...

OSV-2021-152 Stack-buffer-overflow in ot::NetworkData::ServerTlv::GetServer16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5878 Crash type: Stack-buffer-overflow READ 2 Crash state: ot::NetworkData::ServerTlv::GetServer16 ot::NetworkData::Leader::RlocLookup ot::NetworkData::Leader::RegisterNetworkData...

OSV-2017-53 Stack-buffer-overflow in _psl_idna_toASCII

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2600 Crash type: Stack-buffer-overflow READ Crash state: pslidnatoASCII addpunycodeifneeded pslloadfp...

OSV-2018-192 Stack-buffer-overflow in highbd_dr_prediction_z1_64xN_avx2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11517 Crash type: Stack-buffer-overflow READ 16 Crash state: highbddrpredictionz164xNavx2 av1highbddrpredictionz1avx2 av1predictintrablock...

OSV-2018-182 Stack-buffer-overflow in cdma2k_message_HANDOFF_DIR

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11633 Crash type: Stack-buffer-overflow READ 2 Crash state: cdma2kmessageHANDOFFDIR cdma2kmessagedecode dissectcdma2k...

OSV-2018-173 Stack-buffer-overflow in nullable_memcpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10865 Crash type: Stack-buffer-overflow READ Crash state: nullablememcpy nshkeytoattr parseodppushnshaction...

OSV-2018-155 Stack-buffer-overflow in cff_parser_run

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9865 Crash type: Stack-buffer-overflow READ 8 Crash state: cffparserrun cffsubfontload cfffontload...

OSV-2018-130 Stack-buffer-overflow in parse_tables

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12466 Crash type: Stack-buffer-overflow WRITE 7 Crash state: parsetables processblock douncompressfile...

OSV-2018-73 Stack-buffer-overflow in hb_array_t<char const>::cmp

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11908 Crash type: Stack-buffer-overflow READ 4 Crash state: hbarrayt::cmp OT::post::acceleratort::cmpkey hbbsearchr...

OSV-2021-52 Stack-buffer-overflow in ot::KeyManager::SetMasterKey

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7766 Crash type: Stack-buffer-overflow READ 16 Crash state: ot::KeyManager::SetMasterKey ot::MeshCoP::Dataset::ApplyConfiguration ot::MeshCoP::DatasetManager::Set...

Backdoor.Win32.Kurbadur.a Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/821d3d5a9b15dc3388fe17f233cce296.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kurbadur.a Vulnerability: Remote Stack Buffer Overflow Description: The malware liste...

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2021:0081-1)

This update for ImageMagick fixes the following issues : CVE-2020-19667 bsc1179103: Stack buffer overflow in XPM coder could result in a crash Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

SUSE-SU-2021:0081-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2020-19667 bsc1179103: Stack buffer overflow in XPM coder could result in a crash...

Backdoor.Win32.Levelone.a Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6a2d09c4527cf222e4e2571b074fcc0c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Levelone.a Vulnerability: Remote Stack Buffer Overflow Description: The malware liste...

Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Remote Stack Buffer Overflow Description: The specimen drop...