CVE-2023-6779 – Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer. Se encontró un desbordamiento de búfer en la región Heap de la memoria de off-by-one en la función __vsyslog_internal de la librería glibc. • http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html http://seclists.org/fulldisclosure/2024/Feb/3 https://access.redhat.com/security/cve/CVE-2023-6779 https://bugzilla.redhat.com/show_bug.cgi?id=2254395 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ https://security.gentoo.org/glsa/202402 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-6246 – Glibc: heap-based buffer overflow in __vsyslog_internal()
https://notcve.org/view.php?id=CVE-2023-6246
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer. Se encontró un desbordamiento de búfer en la región Heap de la memoria en la función __vsyslog_internal de la librería glibc. • https://github.com/elpe-pinillo/CVE-2023-6246 http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html http://seclists.org/fulldisclosure/2024/Feb/3 http://seclists.org/fulldisclosure/2024/Feb/5 https://access.redhat.com/security/cve/CVE-2023-6246 https://bugzilla.redhat.com/show_bug.cgi?id=2249053 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2024-1086 – Linux Kernel Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-1086
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. Una vulnerabilidad de use after free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. La función nft_verdict_init() permite valores positivos como error de eliminación dentro del veredicto del gancho y, por lo tanto, la función nf_hook_slow() puede causar una vulnerabilidad double free cuando NF_DROP se emite con un error de eliminación similar a NF_ACCEPT. Recomendamos actualizar después del compromiso f342de4e2f33e0e39165d8639387aa6c19dff660. A flaw was found in the Netfilter subsystem in the Linux kernel. • https://github.com/Notselwyn/CVE-2024-1086 https://github.com/feely666/CVE-2024-1086 https://github.com/CCIEVoice2009/CVE-2024-1086 https://github.com/pl0xe/CVE-2024-1086 https://github.com/xzx482/CVE-2024-1086 https://github.com/kevcooper/CVE-2024-1086-checker https://github.com/matrixvk/CVE-2024-1086-aarch64 http://www.openwall.com/lists/oss-security/2024/04/10/22 http://www.openwall.com/lists/oss-security/2024/04/10/23 http://www.openwall.com/lists/oss& • CWE-416: Use After Free •
CVE-2024-1077
https://notcve.org/view.php?id=CVE-2024-1077
Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) El use after free en Network de Google Chrome anterior a 121.0.6167.139 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de un archivo malicioso. (Severidad de seguridad de Chromium: alta) • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html https://crbug.com/1511085 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q • CWE-416: Use After Free •
CVE-2024-1060
https://notcve.org/view.php?id=CVE-2024-1060
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Canvas en Google Chrome anterior a 121.0.6167.139 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: alta) • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html https://crbug.com/1511567 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q • CWE-416: Use After Free •