-
Recent Posts
- binutils: invalid memory read in find_abstract_instance_name (dwarf2.c)
- binutils: NULL pointer dereference in concat_filename (dwarf2.c) (INCOMPLETE FIX FOR CVE-2017-15023)
- binutils: heap-based buffer overflow in parse_die (dwarf1.c)
- binutils: NULL pointer dereference in bfd_hash_hash (hash.c)
- binutils: NULL pointer dereference in concat_filename (dwarf2.c)
Recent Comments
- Håvard Eidnes on lame: stack-based buffer overflow in III_dequantize_sample (layer3.c)
- CVE-2017-15020 – 安百科技 on binutils: heap-based buffer overflow in parse_die (dwarf1.c)
- CVE-2017-15022 – 安百科技 on binutils: NULL pointer dereference in bfd_hash_hash (hash.c)
- CVE-2017-14939 – 安百科技 on binutils: heap-based buffer overflow in read_1_byte (dwarf2.c)
- CVE-2017-14729 – 安百科技 on binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)
Archives
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- February 2016
- July 2015
- August 2013
- June 2013
- May 2013
- January 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- June 2012
Categories
Meta
Monthly Archives: October 2016
jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Another round of fuzzing on an updated version (1.900.10) revealed that the NULL pointer access identified as CVE-2016-8887 … Continue reading
Posted in advisories, security
Leave a comment
jasper: heap-based buffer overflow in jpc_dec_tiledecode (jpc_dec.c)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Another round of fuzzing on an updated version (1.900.10) a buffer over read because of an integer overflow. … Continue reading
Posted in advisories, security
Leave a comment
jasper: NULL pointer dereference in jpc_tsfb_synthesize (jpc_tsfb.c)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Another round of fuzzing on an updated version (1.900.5) revealed another NULL pointer access The complete ASan output: … Continue reading
Posted in advisories, security
Leave a comment
imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)
Description: imagemagick is a software suite to create, edit, compose, or convert bitmap images. Another round of fuzzing pointed out that the memory allocation failure I discovered is still reproducible in the 7.0.3.4 version. As usual, the upstream security policy … Continue reading
Posted in advisories, security
Leave a comment
libwmf: memory allocation failure in wmf_malloc (api.c)
Description: libwmf is a library for reading vector images in Microsøft’s native Windøws Metafile Format (WMF) and for either (a) displaying them in, e.g., an X window; or (b) converting them to more standard/open file formats such as, e.g., the … Continue reading
Posted in advisories, security
Leave a comment
snzip: memory allocation failure in work_buffer_resize (snzip.c)
Description: snzip is a compression/decompression tool based on snappy. A fuzzing revealed a memory allocation failure. The complete ASan output: # snzip -d $FILE Ȥ�==12351==WARNING: AddressSanitizer failed to allocate 0xffffffffc8617364 bytes ==12351==AddressSanitizer’s allocator is terminating the process instead of returning … Continue reading
Posted in advisories, security
Leave a comment
jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Another round of fuzzing on an updated version (1.900.5) revealed that the previous issues, reported as CVE-2016-8690, are … Continue reading
Posted in advisories, security
1 Comment
jasper: memory allocation failure in jas_malloc (jas_malloc.c)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Another round of fuzzing on an updated version (1.900.5) revealed a memory allocation failure. The complete ASan output: … Continue reading
Posted in advisories, security
Leave a comment
jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)
Description: jasper is an open-source initiative to provide a free software-based reference implementation of the codec specified in the JPEG-2000 Part-1 standard. Another round of fuzzing on an updated version (1.900.5) revealed a NULL pointer access in jp2_colr_destroy The complete … Continue reading
Posted in advisories, security
Leave a comment
imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)
Description: imagemagick is a software suite to create, edit, compose, or convert bitmap images. A fuzzing with the upstream security policy enabled revealed a memory allocation failure. The complete ASan output: # identify $FILE ==14275==ERROR: AddressSanitizer failed to allocate 0x99ad49000 … Continue reading
Posted in advisories, security
Leave a comment