1 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation. Vulnerabilidad de desbordamiento de entero en bdwgc en versiones anteriores a 2016-09-27 permite a atacantes provocar al cliente la denegación de servicio de bdwgc (caída de desbordamiento de búfer en memoria dinámica) y posiblemente ejecutar código arbitrario a través de asignación enorme. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00089.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00115.html http://www.openwall.com/lists/oss-security/2016/11/18/3 http://www.securityfocus.com/bid/94407 https://github.com/ivmai/bdwgc/issues/135 https://lists.debian.org/debian-lts-announce/2022/03/msg00039.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •