CVE-2023-52618 block/rnbd-srv: Check for unlikely string overflow

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a string overflow vulnerability in block/rnbd-srv...

CVE-2023-52464 EDAC/thunderx: Fix possible out-of-bounds string access

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat: drivers/edac/thunderxedac.c: In function 'thunderxocxcomthreadedisr':...

Asrmicro ASR1803, ASR1806 Security Vulnerabilities

The Asrmicro ASR1803 and Asrmicro ASR1806 are both chips from Avantage Technology Asrmicro, a Chinese company. A security vulnerability exists in the Asrmicro ASR1803, ASR1806, which stems from a security best practice violation whereby string operations in streaming media will write to the end o...

CLSA-2023-1698351940 vim: Fix of 2 CVEs

CVE-2023-5441: segfault in exmode - CVE-2023-5344: buffer overflow in truncstring...

SUSE CVE-2008-4575

Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service crash via 1 a long -cmd argument and 2 unspecified vectors related to "a bunch of potential string overflows."...

SUSE CVE-2018-14598

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS segmentation fault...

expat: Integer overflow in copyString()

An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded rather than user input, takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service...

CLSA-2022-1660757175 Fixed 15 CVEs in expat

CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...

git -- Multiple vulnerabilities

This release contains 2 security fixes: CVE-2022-39253 When relying on the --local clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks or copies of the dereferenced link in the destination repository. This can lead to surprising behavior where...

GSD-2021-1002689 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.88 by commit...

GSD-2021-1002665 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...

GSD-2021-1002645 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by commit...

GSD-2021-1002630 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.259 by commit...

redis: Integer overflow issue with strings

An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...

UBUNTU-CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

ICU: Integer overflow in UnicodeString::doAppend()

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

ICU: Integer overflow in UnicodeString::doAppend()

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

CVE-2020-6007

Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution...

PT-2019-5838 · Imagemagick +5 · Imagemagick +5

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: The issue is related to a missing check for a 0 value of replace extent in the SubstituteString function, which can cause an offset p to overflow. This could be triggered by a crafted input...