kernel: net: bluetooth: information leak when processing certain AMP packets

An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...

kernel: net: bluetooth: information leak when processing certain AMP packets

An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...

FreeBSD : mail/dovecot -- multiple vulnerabilities (87a07de1-e55e-4d51-bb64-8d117829a26a)

Aki Tuomi reports : Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory.. Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash...

SUSE SLED15 / SLES15 Security Update : vino (SUSE-SU-2020:2009-1)

This update for vino fixes the following issues : CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory bsc1155419. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...

SUSE-SU-2020:2009-1 Security update for vino

This update for vino fixes the following issues: - CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory bsc1155419...

SUSE SLES12 Security Update : tigervnc (SUSE-SU-2020:1749-1)

This update for tigervnc fixes the following issues : CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder bsc1159856. CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode bsc1160250. CVE-2019-15693: Fixed a heap-based buffer overflow in...

CVE-2020-12883

Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sncoapparseroptionsparse parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point packetdatapptr ...

Information Disclosure

janus-gateway is vulnerable to information disclosure. The leakage is possible because the function janusprocessincomingrequest in janus.c causes stack memory leak due to lack of proper handling of errorstr on SDP code...

Unspecified Vulnerability in Meetecho Janus (CNVD-2020-34718)

Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. An unspecified vulnerability exists in Meetecho Janus. An attacker can exploit this vulnerability to obtain information about uninitialized stack memory...

CVE-2020-13899

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusprocessincomingrequest in janus.c discloses information from uninitialized stack memory...

CVE-2020-13899

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusprocessincomingrequest in janus.c discloses information from uninitialized stack memory...

Stack overflow

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusprocessincomingrequest in janus.c discloses information from uninitialized stack memory...

CVE-2020-13899

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusprocessincomingrequest in janus.c discloses information from uninitialized stack memory...

CVE-2020-13899

An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusprocessincomingrequest in janus.c discloses information from uninitialized stack memory...

Huawei Data Communication: Resource Exhaustion Vulnerability on Several Products (huawei-sa-20171213-02-h323)

There is a resource exhaustion vulnerability on several products. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

NewStart CGSL CORE 5.04 / MAIN 5.04 : chrony Multiple Vulnerabilities (NS-SA-2020-0027)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has chrony packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1...

CVE-2020-0110

A flaw was found in the Pressure stall information subsystem. This flaw allows a local attacker with the ability to write to root-owned files to corrupt kernel stack memory. Mitigation As the attacker must have the ability to write to these files, a possible mitigation would be to reduce the acce...

CVE-2020-10060

In updatehubprobe, right after JSON parsing is complete, objects\1 is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an...

Design/Logic Flaw

In updatehubprobe, right after JSON parsing is complete, objects\1 is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an...

CVE-2020-10060 UpdateHub Might Dereference An Uninitialized Pointer

In updatehubprobe, right after JSON parsing is complete, objects\1 is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an...