Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: general protection fault,...
Azure Linux 3.0 Security Update: kernel (CVE-2024-42243)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42243 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER...
Linux Distros Unpatched Vulnerability : CVE-2023-53361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Add p?d_leaf() definitions When I do LTP test, LTP test case ksm06 caused panic ...
PT-2025-22274
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability in the Linux kernel has been resolved, which caused a double SIGFPE crash on parisc. The issue occurred because glibc uses a double-word floating-point store to atomicall...
CVE-2024-50067 uprobe: avoid out-of-bounds memory access of fetching args
In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, arrays can be very large,...
CVE-2024-42243
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
CVE-2024-42243 mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
CVE-2024-42243 mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
SUSE CVE-2015-3331
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly...
Libgraphite directrun Opcode Handling Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0058 Libgraphite directrun Opcode Handling Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1521 Description An exploitable out-of-bounds read vulnerability exists in the opcode handling functionality of Libgraphite. A specially crafted font...
LibreSSL PRNG Vulnerability Patched
The OpenBSD project late last night rushed out a patch for a vulnerability in the LibreSSL pseudo random number generator (PRNG). The flaw was disclosed two days ago by the founder of secure backup company Opsmate, Andrew Ayer, who said the vulnerability was a “catastrophic failure of the PRNG.”...
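BibTeX '.bib' File Handling Memory Corruption Vulnerability
BUGTRAQ ID: 34332 CNCAN ID:CNCAN-2009040201 BibTeX is a tool for writing bibliographies. BibTeX does not parse .bib files correctly, and a remote attacker can exploit the vulnerability to carry out a denial-of-service attack against the application. Constructing an oversized .bib file and inducing a user to process it with BibTeX can crash the application. BUGTRAQ ID: 34332 CNCAN ID:CNCAN-2009040201 No solution is currently available: http://www.bibtex.org/ See the following test program: https://bugzilla.redhat.com/attachment.cgi?id=336659...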
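Count.cgi (wwwcount) Remote Buffer Overflow Vulnerability
BugCVE: CVE-1999-0021 BUGTRAQ: 128 Count.cgi (wwwcount) is a very popular CGI program for tracking web site statistics. It is generally used to count web page hits. In October 1997, two remote vulnerabilities were found in this program. The first vulnerability is relatively minor: it allows remote users to view restricted .GIF files, potentially leaking sensitive data contained in those .GIF files. The second vulnerability is more serious: the count.cgi program has a buffer overflow when handling the QUERY_STRING environment variable. A remote attacker can send an overlong request to the program to trigger the overflow and execute arbitrary commands on the system with the privileges of the web user. 2.3 Muhammad A. Muquit...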
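OllyDBG 'ollydbg.ini' Debug Parameter Local Buffer Overflow Vulnerability
BUGTRAQ ID: 30733 CNCAN ID:CNCAN-2008081907 OllyDBG is an assembly-level analysis debugger. OllyDBG has a buffer overflow when handling debug parameters in 'ollydbg.ini', and a local attacker can exploit the vulnerability to execute arbitrary instructions with the application's privileges. Setting malicious debug parameters in the 'ollydbg.ini' file and inducing a user to load it can trigger the buffer overflow; with carefully constructed parameter data, arbitrary instructions may be executed with the application's privileges. OllyDbg 1.10 No solution is currently available: http://home.t-online.de/home/Ollydbg/ See the following test program:...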
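Unreal Tournament 3 Denial of Service and Memory Corruption Vulnerabilities
BUGTRAQ ID: 30430 CNCAN ID:CNCAN-2008073105 Unreal Tournament 3 is an online game. Unreal Tournament 3 has multiple security issues, and a remote attacker can exploit them to carry out denial-of-service or memory corruption attacks. - There is a problem in handling a special type of packet, in which a 16-bit field specifies the size needed for the data that follows. If the string exceeds 172 bytes, memory corruption can be triggered. - If the data exceeds the total packet size described above, the string cannot be read and a NULL pointer exception is triggered, crashing the application. Epic Games Unreal Tournament 3 1.3beta4 Epic Games Unreal...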
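Unreal Tournament 2004 NULL Pointer Denial of Service Vulnerability
BUGTRAQ ID: 30427 CNCAN ID:CNCAN-2008073106 Unreal Tournament 2004 is a well-known FPS game. Unreal Tournament 2004 has a security issue in its packet handling, and a remote attacker can exploit the vulnerability to carry out a denial-of-service attack against the application. By sending a specific sequence of packets, an attacker can crash the UT2004 server through a NULL pointer exception. Epic Games Unreal Tournament 2004 3369 Epic Games Unreal Tournament 2004 3334 No solution is currently available: http://www.unrealtournament3.c...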
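ZDaemon NULL Pointer Denial of Service Vulnerability
BUGTRAQ ID: 30340 CNCAN ID:CNCAN-2008072306 ZDaemon is a widely used Doom-engine game. The ZDaemon server has a NULL pointer dereference issue, and a remote attacker can exploit the vulnerability to carry out a denial-of-service attack against the server program. When a specific type of command (type 6) is sent to the ZDaemon server for parsing, it can cause a NULL pointer dereference and crash the application. ZDaemon ZDaemon 1.8.7 ZDaemon ZDaemon 1.8.1 No solution is currently available: http://www.zdaemon.org See the following test program: http://aluigi.org/poc/zdaemonull.z...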
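Extended Module Player (xmp) 'oxm.c' and 'dtt_load.c' Buffer Overflow Vulnerabilities
Extended Module Player (xmp) is a command-line player. Extended Module Player (xmp) has multiple buffer overflow issues, and a remote attacker can exploit the vulnerabilities to execute arbitrary instructions with the privileges of the application process. The first issue is a buffer overflow in test_oxm / decrunch_oxm when handling the OXM file format. The second issue is a buffer overflow in dtt_load when handling the pofs and plen arrays. Extended Module Player xmp 2.5.1 Vendor solution ----------- No detailed solution is currently available: http://xmp.sourceforge.net/ See the following test program:...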
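Yahoo! Messenger KDU_V32M.DLL Remote Denial of Service Vulnerability
Yahoo! Messenger is a popular instant messaging program. The kdu_v32m.dll library included with Yahoo! Messenger has a buffer overflow, and a remote attacker can exploit the vulnerability to carry out a denial-of-service attack against the application. The problem is that the kdu_v32m.dll library does not correctly handle the length and width of the image and the length and width of the tile; constructing these parameters so that the argument passed to new is 0 can crash the application, causing a denial of service. Yahoo! Messenger 8.1 No detailed solution is currently available: http://messenger.yahoo.com/ See the following test program: http://www.team509.com/expyahoo.rar...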
nt.messagebox.DoS.txt
Date: Sun, 11 Apr 1999 22:50:25 +0200 Reply-To: chefren Sender: Windows NT BugTraq Mailing List From: chefren Subject: Death by MessageBox In-Reply-To: .. -------- Original Message -------- "NT hangs when several threads are calling MessageBox" Date: Fri, 9 Apr 1999 13:23:45 -0400 From: "Sumner,...