Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCreateProcessContext that leads to a stack buffer overflow.
0d419f34140c82908299252d3794e80651aedada14ee132d75462cbcf8700e96Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and out of bounds write vulnerabilities.
7611f233f16e4003c69a91ee23499cbe6bed6fd4c7a8d26442bbf86975a89a03Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, double free, integer overflow, memory exhaustion, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
86435dbd1e42e1cb6babcb7c70863a0ed35c27cc178b52ec0cd6a1f94cb358cdRed Hat Security Advisory 2024-2353-03 - An update for mingw components is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.
36cd276b5ad523116ca6bf330c1741bb6f1cfc8c3562bdb5c124f2fef6373da5Red Hat Security Advisory 2024-2303-03 - An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.
e597c0dc86b5e13817790f0a4e076db5e4385a7001efc0db9fb051224197a573Red Hat Security Advisory 2024-2295-03 - An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.
43452daffde3e48b2659f0953138b388c6a62d9094ae98508da80bb995f2cb32Red Hat Security Advisory 2024-2289-03 - An update for libtiff is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
07f6d09b76d14cbbc58f8061fe5f59bfe38a37eb126df374398e0369a3e84eedRed Hat Security Advisory 2024-2287-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
fab820c0fbdfa4d8d6e73e8f311ccdd5d57b1fc27fa3d174dca75ce8e75dec6eRed Hat Security Advisory 2024-2276-03 - An update for qt5-qtbase is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
95b68aba738992f875e5d8ddb178b532df9446a7d9652bcd95235aa3d0e8e0c3Red Hat Security Advisory 2024-2264-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
6f1e439469f760963ec6eedfe0fe6679640e263eb718c557d4c7112aa16b83b3Red Hat Security Advisory 2024-2208-03 - An update for freerdp is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds read, and out of bounds write vulnerabilities.
d35c2dacb4ba39a2b04932e45ff213c2efa3efc4d0a7615936eacb552ec25e83Red Hat Security Advisory 2024-2184-03 - An update for libsndfile is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and integer overflow vulnerabilities.
2731dd1ec804a96acfe3a51dc62314bf991ab4a07f95f0b946a9cb62f1664ec6Red Hat Security Advisory 2024-2170-03 - An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and out of bounds write vulnerabilities.
12951ba3a7c0d999913a7bd764ce62029547e8037266195d833336dae45f6ea4Red Hat Security Advisory 2024-2169-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
94ab168fa0917df2471afdc2d838be2c00664ff640ecb98837ab445c551bb0ddRed Hat Security Advisory 2024-2145-03 - An update for libX11 is now available for Red Hat Enterprise Linux 9. Issues addressed include heap overflow and integer overflow vulnerabilities.
ae52f35adcfeb1c6e6e69e20b88ec3a6a7c21886d5b6b1a7e97e2c2157fc3fb9Red Hat Security Advisory 2024-2137-03 - An update for LibRaw is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.
82a0aed2d65bf004960e8cb50acb3a938fbe1265cbcb5a97db9d7c36be080ba7Ubuntu Security Notice 6744-3 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
a3c5e325117510f72eaab078b9452bd572b5c6a7b644c56f33872ee990abf55dRed Hat Security Advisory 2024-2086-03 - An update for shim is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
163b8d7f23fc449ad0b491ac44a69d7352b1d374a412ba1c1e38f8dacd766a00Red Hat Security Advisory 2024-2063-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.
efac441d2c9d4fa093e762996bdfb5156f563e69067729cf5d70fa3b1d727125Red Hat Security Advisory 2024-2011-03 - Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Issues addressed include a buffer overflow vulnerability.
2119d78f1779fb5b9df8e781bf9b4da66e88cda956d9bdc4f6e4838153ac9474Red Hat Security Advisory 2024-2002-03 - An update for grub2 is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow and bypass vulnerabilities.
4692a0eab1d982662b58faf1424677d0eed7993f53bc9eaafabd45db9269e7f7Debian Linux Security Advisory 5673-1 - Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT character set, which may lead to denial of service (application crash) or the execution of arbitrary code.
6f569b43fda03fbc293555c3e4f3d09f13cc184d51ccfed81bc50e87f8709332Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
7f9a3f70c1f7e100375a7fbb89547638e45380d3ba57eca5212263547b378f8cUbuntu Security Notice 6744-1 - Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
a1631938e290abb7678d024b33eb2b0bf5cf2f26fdff61069536a736c29b981aRed Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
a7d6efdebf9b19259a2dfbf9ed245746cda2bf4c8dbf74ebf9dd7c968025e185
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed