5 results (0.013 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. En libpixman en Pixman anterior a 0.42.2, hay una escritura fuera de límites (también conocida como desbordamiento de búfer basado en montón) en rasterize_edges_8 debido a un desbordamiento de enteros en pixman_sample_floor_y. A flaw was found in pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution. pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. • http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html http://www.openwall.com/lists/oss-security/2022/11/05/1 https://gitlab.freedesktop.org/pixman/pixman/-/issues/63 https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code. Un fallo de desbordamiento de entero ha sido informado en el general_composite_rect() function en pixman anterior a la versión 0.32.8 un atacante podría explotar este problema para causar una aplicación usando pixman para bloquear o potencialmente, ejecutar un código arbitrario. • https://bugs.freedesktop.org/show_bug.cgi?id=92027 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297 • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 0

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values. Desbordamiento de entero en la función create_bits en pixman-bits-image.c en Pixman en versiones anteriores a 0.32.6 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de valores grandes de height y stride. • http://www.debian.org/security/2016/dsa-3525 http://www.openwall.com/lists/oss-security/2016/02/24/13 http://www.openwall.com/lists/oss-security/2016/02/24/15 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.ubuntu.com/usn/USN-2918-1 https://bugs.freedesktop.org/show_bug.cgi?id=69014 https://bugzilla.redhat.com/show_bug.cgi?id=972647 https://cgit.freedesktop.org/pixman/commit/?id=857e40f3d2bc2cfb714913e0cd7e6184cf69aca3 https://lists&# • CWE-189: Numeric Errors •

CVSS: 7.4EPSS: 0%CPEs: 9EXPL: 0

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Underflow de entero en la macro xTrapezoidValid en render/picture.h de X.Org permite a atacantes dependientes de contexto causar una denegación de servicio (crash) a través de un valor mínimo negativo . • http://lists.opensuse.org/opensuse-updates/2013-12/msg00127.html http://lists.x.org/archives/xorg-devel/2013-October/037996.html http://rhn.redhat.com/errata/RHSA-2013-1868.html http://www.debian.org/security/2013/dsa-2822 http://www.openwall.com/lists/oss-security/2013/12/03/8 http://www.openwall.com/lists/oss-security/2013/12/04/8 http://www.ubuntu.com/usn/USN-2500-1 https://bugs.freedesktop.org/show_bug.cgi?id=67484 https://bugs.launchpad.net/ubuntu&# • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 6.8EPSS: 1%CPEs: 20EXPL: 0

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Desbordamiento de entero en la macro pixman_trapezoid_valid en pixman.h de Pixman anteriores a 0.32.0, utilizado en el servidor X.Org y cairo, permite a atacantes dependientes de contexto causar una denegación de servicio (crash) a través de un valor mínimo negativo. • http://cgit.freedesktop.org/pixman/commit/?id=5e14da97f16e421d084a9e735be21b1025150f0c http://lists.freedesktop.org/archives/pixman/2013-November/003109.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00008.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00097.html http://rhn.redhat.com/errata/RHSA-2013-1869.html http://www.debian.org/security/2013&#x • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •