CVE-2022-36764 – Heap Buffer Overflow in Tcg2MeasurePeImage
https://notcve.org/view.php?id=CVE-2022-36764
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. ... A heap-based buffer overflow flaw was found via the Tcg2MeasurePeImage() function in EDK2. Successful exploitation requires a local attacker to trigger an integer overflow in the calculation of the EventSize variable at DxeTpm2MeasureBootLib.c, leading to the heap-buffer overflow, presenting a moderate risk to confidentiality and integrity. • https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ https://access.redhat.com/security/cve/CVE-2022-36764 https://bugzilla.redhat.com/show_bug.cgi?id=2257583 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVE-2022-36763 – Heap Buffer Overflow in Tcg2MeasureGptTable
https://notcve.org/view.php?id=CVE-2022-36763
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. ... A heap buffer overflow flaw was found via the Tcg2MeasureGptTable() function in EDK2, arising from inadequate validation of the GPT Primary Header, presenting a minor risk to confidentiality and integrity. ... This issue may allow a local attacker to craft a GPT table, causing an integer overflow and consequent buffer overflow. • https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ https://access.redhat.com/security/cve/CVE-2022-36763 https://bugzilla.redhat.com/show_bug.cgi?id=2257582 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVE-2024-21646 – Azure IoT Platform Device SDK Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-21646
When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. • https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-190: Integer Overflow or Wraparound •
CVE-2023-47996
https://notcve.org/view.php?id=CVE-2023-47996
An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-47994
https://notcve.org/view.php?id=CVE-2023-47994
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47994 • CWE-190: Integer Overflow or Wraparound •