EulerOS 2.0 SP5 : binutils (EulerOS-SA-2019-1799)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a 'member access within null pointer'...

gd: Unsigned integer underflow _gdContributionsAlloc()

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

SUSE-SU-2018:4208-1 Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3)

This update for the Linux Kernel 4.4.103-638 fixes one issue. The following security issue was fixed: - CVE-2018-5848: Fixed an unsigned integer overflow in wmisetie. This could lead to a buffer overflow bsc1097356...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:4157-1)

This update for the Linux Kernel 3.12.74-606493 fixes several issues. The following security issues were fixed : CVE-2018-9568: Prevent possible memory corruption due to type confusion in skclonelock. This could lead to local privilege escalation bsc1118319. CVE-2018-5848: Fixed an unsigned integ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:4153-1)

This update for the Linux Kernel 3.12.74-606488 fixes several issues. The following security issues were fixed : CVE-2018-9568: Prevent possible memory corruption due to type confusion in skclonelock. This could lead to local privilege escalation bsc1118319. CVE-2018-5848: Fixed an unsigned integ...

SUSE-SU-2018:4127-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes one issue. The following security issue was fixed: - CVE-2018-5848: Fixed an unsigned integer overflow in wmisetie. This could lead to a buffer overflow bsc1097356...

kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption

In the function wmisetie in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the ‘ielen’ argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to...

openSUSE Security Update : the Linux Kernel (openSUSE-2018-762) (Spectre)

The openSUSE Leap 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-13406: An integer overflow in the uvesafbsetcmap function could have result in local attackers being able to crash the kernel or potentially elevate privileges...

procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

A flaw was found where procps-ng provides wrappers for standard C allocators that took unsigned int instead of sizet parameters. On platforms where these differ such as x8664, this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowe...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1761-1)

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3665: Prevent disclosure of FPU registers including XMM and AVX registers between processes. These registers might contain encryption keys when...

CVE-2018-5848

In the function wmisetie, the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ielen' argument can cause a buffer overflow in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...

CVE-2018-5848

In the function wmisetie, the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ielen' argument can cause a buffer overflow in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...

procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

A flaw was found where procps-ng provides wrappers for standard C allocators that took unsigned int instead of sizet parameters. On platforms where these differ such as x8664, this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowe...

CVE-2018-6323

The elfobjectp function in elfcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfdsizetype multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service application...

CVE-2018-6323

The elfobjectp function in elfcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfdsizetype multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service application...

CVE-2018-6323

CVE-2018-6323 : In GNU Binutils’ libbfd, the elf_object_p function in elfcode.h contains an unsigned integer overflow due to missing use of bfd_size_type in multiplication. A crafted ELF file can remotely crash the application (DoS) or have unspecified other impact. This CVE is referenced in IBM ...

Denial Of Service (DoS) Through Large Loop

ImageMagick is vulnerable to denial of service DoS attacks because of an infinite loop.The library does not properly check when a DPX file has ended, opting to iterate through the entire memory space of an unsigned integer. This can allow a malicious user to exhaust the application's resources by...

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

Integer overflow

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...