CVSS: 5.9EPSS: 0%CPEs: 109EXPL: 0CVE-2019-6471 – A race condition when discarding malformed packets can cause BIND to exit with an assertion failure
https://notcve.org/view.php?id=CVE-2019-6471
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. Una condición de carrera que puede presentarse al descartar paquetes malformados puede provocar la salida de BIND debido a un fallo de aserción de REQUIRE en el archivo dispatch.c. Versiones afectadas: BIND 9.11.0 hasta 9.11.7, 9.12.0 hasta 9.12.4-P1, 9.14.0 hasta 9.14.2. • https://kb.isc.org/docs/cve-2019-6471 https://support.f5.com/csp/article/K10092301?utm_source=f5support&%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2019-6471 https://bugzilla.redhat.com/show_bug.cgi?id=1721780 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2019-9075
https://notcve.org/view.php?id=CVE-2019-9075
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un desbordamiento de búfer basado en memoria dinámica (heap) en _bfd_archive_64_bit_slurp_armap en archive64.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24236 https://support.f5.com/csp/article/K42059040 https://usn.ubuntu.com/4336-1 • CWE-787: Out-of-bounds Write •