CVE-2023-38253 – W3m: out of bounds read in growbuf_to_str() at w3m/indep.c
https://notcve.org/view.php?id=CVE-2023-38253
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
• https://access.redhat.com/security/cve/CVE-2023-38253
• https://bugzilla.redhat.com/show_bug.cgi?id=2222779
• https://github.com/tats/w3m/issues/271
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C
• CWE-125: Out-of-bounds Read
CVE-2023-38252 – W3m: out of bounds read in strnew_size() at w3m/str.c
https://notcve.org/view.php?id=CVE-2023-38252
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
• https://access.redhat.com/security/cve/CVE-2023-38252
• https://bugzilla.redhat.com/show_bug.cgi?id=2222775
• https://github.com/tats/w3m/issues/270
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C
• CWE-125: Out-of-bounds Read
CVE-2023-3618 – Segmentation fault in fax3encode in libtiff/tif_fax3.c
https://notcve.org/view.php?id=CVE-2023-3618
A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.
• https://access.redhat.com/security/cve/CVE-2023-3618
• https://bugzilla.redhat.com/show_bug.cgi?id=2215865
• https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html
• https://security.netapp.com/advisory/ntap-20230824-0012
• https://support.apple.com/kb/HT214036
• https://support.apple.com/kb/HT214037
• https://support.apple.com/kb/HT214038
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-3354 – Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service
https://notcve.org/view.php?id=CVE-2023-3354
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
• https://access.redhat.com/security/cve/CVE-2023-3354
• https://bugzilla.redhat.com/show_bug.cgi?id=2216478
• https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R
• CWE-476: NULL Pointer Dereference
CVE-2023-1672 – Race condition exists in the key generation and rotation functionality
https://notcve.org/view.php?id=CVE-2023-1672
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
• https://access.redhat.com/security/cve/CVE-2023-1672
• https://bugzilla.redhat.com/show_bug.cgi?id=2180999
• https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096
• https://lists.debian.org/debian-lts-announce/2023/11/msg00004.html
• https://www.openwall.com/lists/oss-security/2023/06/15/1
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')