CVE-2024-28219 – python-pillow: buffer overflow in _imagingcms.c
https://notcve.org/view.php?id=CVE-2024-28219
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. En _imagingcms.c en Pillow anterior a 10.3.0, existe un desbordamiento del búfer porque se usa strcpy en lugar de strncpy. A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service. • https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security https://access.redhat.com/security/cve/CVE-2024-28219 https://bugzilla.redhat.com/show_bug.cgi?id=2272563 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-680: Integer Overflow to Buffer Overflow •
CVE-2024-26668 – netfilter: nft_limit: reject configurations that cause integer overflow
https://notcve.org/view.php?id=CVE-2024-26668
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its better to reject this rather than having incorrect ratelimit. • https://git.kernel.org/stable/c/d2168e849ebf617b2b7feae44c0c0baf739cb610 https://git.kernel.org/stable/c/79d4efd75e7dbecd855a3b8a63e65f7265f466e1 https://git.kernel.org/stable/c/bc6e242bb74e2ae616bfd2b250682b738e781c9b https://git.kernel.org/stable/c/9882495d02ecc490604f747437a40626dc9160d0 https://git.kernel.org/stable/c/00c2c29aa36d1d1827c51a3720e9f893a22c7c6a https://git.kernel.org/stable/c/c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa https://access.redhat.com/security/cve/CVE-2024-26668 https://bugzilla.redhat.com/show_bug.cgi?id=2272797 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-21470 – Integer Overflow to Buffer Overflow in Graphics Windows
https://notcve.org/view.php?id=CVE-2024-21470
Memory corruption while allocating memory for graphics. Corrupción de la memoria al asignar memoria para gráficos. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVE-2024-21454 – Integer Overflow to Buffer Overflow in Automotive Telematics
https://notcve.org/view.php?id=CVE-2024-21454
Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. DOS transitorio mientras se decodifica el mensaje ToBeSignedMessage en telemática automotriz. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVE-2024-20047
https://notcve.org/view.php?id=CVE-2024-20047
In battery, there is a possible out of bounds read due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-190: Integer Overflow or Wraparound •