Page 5 of 1100 results (0.020 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2

CVE-2022-44638 – pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write

https://notcve.org/view.php?id=CVE-2022-44638

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. En libpixman en Pixman anterior a 0.42.2, hay una escritura fuera de límites (también conocida como desbordamiento de búfer basado en montón) en rasterize_edges_8 debido a un desbordamiento de enteros en pixman_sample_floor_y. A flaw was found in pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution. pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. • http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html http://www.openwall.com/lists/oss-security/2022/11/05/1 https://gitlab.freedesktop.org/pixman/pixman/-/issues/63 https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-40284 – NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image

https://notcve.org/view.php?id=CVE-2022-40284

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device. Se descubrió un desbordamiento del búfer en NTFS-3G antes de 2022.10.3. • http://www.openwall.com/lists/oss-security/2022/10/31/2 https://github.com/tuxera/ntfs-3g/releases https://lists.debian.org/debian-lts-announce/2022/11/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BOQ7YLFT43KLXEN3EB6CS4DP635RJWP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IA2D4PYOR7ABI7BWBMMMYKY2OPHTV2NI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGDKGXA4R2ZVUQ3CT4D4Y • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-42324

https://notcve.org/view.php?id=CVE-2022-42324

Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring. • http://www.openwall.com/lists/oss-security/2022/11/01/10 http://xenbits.xen.org/xsa/advisory-420.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ https://security.gentoo.org/glsa/202402-07 https:/ • CWE-681: Incorrect Conversion between Numeric Types •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-42323

https://notcve.org/view.php?id=CVE-2022-42323

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. • http://www.openwall.com/lists/oss-security/2022/11/01/9 http://xenbits.xen.org/xsa/advisory-419.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ https://security.gentoo.org/glsa/202402-07 https:// • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-42326

https://notcve.org/view.php?id=CVE-2022-42326

Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes. Xenstore: los invitados pueden crear una cantidad arbitraria de nodos mediante transacciones. • http://www.openwall.com/lists/oss-security/2022/11/01/11 http://xenbits.xen.org/xsa/advisory-421.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ https://security.gentoo.org/glsa/202402-07 https:/ • CWE-401: Missing Release of Memory after Effective Lifetime •