CVE-2016-9961
https://notcve.org/view.php?id=CVE-2016-9961
game-music-emu before 0.6.1 mishandles unspecified integer values. game-music-emu anterior a versión 0.6.1 maneja inapropiadamente los valores de enteros no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html http://www.openwall.com/lists/oss-security/2016/12/15/11 http://www.securityfocus.com/bid/95305 https://bitbucket.org/mpyne/game-music-emu/wiki/Home https://bugzilla.redhat.com/show_bug.cgi?id=1405423 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME https://lists.fedoraproject • CWE-189: Numeric Errors •
CVE-2017-7995
https://notcve.org/view.php?id=CVE-2017-7995
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL. Xen PV guest anterior a Xen 4.3 chequea los permisos de acceso a los rangos MMIO sólo después de acceder a ellos, lo que permite leer en un dispositivo de memoria PCI, dando lugar a la divulgación de información. Se trata de un error en la función get_user. • http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html http://www.securityfocus.com/bid/98314 https://bugzilla.suse.com/show_bug.cgi?id=1033948 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-9853
https://notcve.org/view.php?id=CVE-2014-9853
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. Fuga de memoria en los coders/rle.c de ImageMagick permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un archivo rle manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-399: Resource Management Errors •
CVE-2016-7796 – systemd: freeze when PID 1 receives a zero-length message over notify socket
https://notcve.org/view.php?id=CVE-2016-7796
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled. La función manager_dispatch_notify_fd en systemd permite a usuarios locales provocar una denegación de servicio (colgado de sistema) a través de un mensaje de longitud cero recibido sobre una notificación de encaje, lo que provoca que se devuelva un error y que el controlador de notificación se desactive. A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd freeze its execution, preventing further management of system services, system shutdown, or zombie process collection via systemd. • http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00016.html http://rhn.redhat.com/errata/RHSA-2017-0003.html http://www.openwall.com/lists/oss-security/2016/09/30/1 http://www.securityfocus.com/bid/93250 http://www.securitytracker.com/id/1037320 https://bugzilla.redhat.com/show_bug.cgi?id=1381911 https://github.com/systemd/systemd/issues/4234#issuecomment-250441246 https://rhn.redhat.com/e • CWE-20: Improper Input Validation CWE-253: Incorrect Check of Function Return Value •
CVE-2015-8918
https://notcve.org/view.php?id=CVE-2015-8918
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy." La función archive_string_append en archive_string.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo cab manipulado, relacionado con "superposición de memcpy". • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.securityfocus.com/bid/91300 https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html https://github.com/libarchive/libarchive/issues/506 https://security.gentoo.org/glsa/201701-03 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •