6/20/2023 0 Comments Shareaza 2.1.0![]() Redis is an in-memory database that persists on disk. There are no known workarounds for this vulnerability. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. Improved mac address string descriptor length validation to check for unexpectedly small values may be used as a workaround. The fix has been included in USBX release (). This may allow one to redirect the code execution flow or introduce a denial of service. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 ux_host_class_cdc_ecm_node_id` array. TensorFlow is an open source platform for machine learning. Exploitation of this issue requires user interaction in that a victim must open a malicious file. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.Īdobe Dimension versions 3.4.7 (and earlier) is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Ĭertain Lexmark devices through have an Integer Overflow.Ī vulnerability was found in libcap. Integer Overflow or Wraparound in GitHub repository vim/vim prior to. Was ZDI-CAN-19727.Īfu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before reading from memory. ![]() The specific flaw exists within the processing of the SMB directory query command. Authentication is not required to exploit this vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code executionĪ maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.Īn integer overflow was addressed with improved input validation. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data.Īn issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. Netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. This affects installations with Ethernet support in which a packet size greater than 65495 may occur. Users are advised to upgrade.Īltran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. These issue have been addressed in version 1.13.15. ![]() The OOB read and integer-overflow made by attacker may lead to crash, high consumption of memory or even other more serious consequences. The previous patch of () fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. Referring to (), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. Sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2). RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2). ![]()
0 Comments
Leave a Reply. |