CVE-2019-1010022
https://notcve.org/view.php?id=CVE-2019-1010022
** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."
• https://security-tracker.debian.org/tracker/CVE-2019-1010022
• https://sourceware.org/bugzilla/show_bug.cgi?id=22850
• https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
• https://ubuntu.com/security/CVE-2019-1010022
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-12972
https://notcve.org/view.php?id=CVE-2019-12972
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.
• http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html
• http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
• http://www.securityfocus.com/bid/108903
• https://security.gentoo.org/glsa/202007-39
• https://sourceware.org/bugzilla/show_bug.cgi?id=24689
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=890f750a3b053532a4b839a2dd6243076de12031
• https://usn.ubuntu.com/4336-1
• CWE-125: Out-of-bounds Read
CVE-2012-6711
https://notcve.org/view.php?id=CVE-2012-6711
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().
• http://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=863d31ae775d56b785dc5b0105b6d251515d81d5
• http://www.securityfocus.com/bid/108824
• https://bugzilla.redhat.com/show_bug.cgi?id=1721071
• https://support.f5.com/csp/article/K05122252
• https://support.f5.com/csp/article/K05122252?utm_source=f5support&%3Butm_medium=RSS
• https://usn.ubuntu.com/4180-1
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12886
https://notcve.org/view.php?id=CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
• https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup
• https://www.gnu.org/software/gcc/gcc-8/changes.html
• CWE-209: Generation of Error Message Containing Sensitive Information
CVE-2019-11640
https://notcve.org/view.php?id=CVE-2019-11640
An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a.
• https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils
• https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/recfix
• CWE-787: Out-of-bounds Write