Advisories

Below is a table summarizing:
– vulnerabilities found by me;
– bugs spotted by ASan/fuzzers/$other_tools that are not security relevant.

Summary CVE
libav: divide-by-zero in ff_h263_decode_mba (ituh263dec.c) CVE-2015-5479
portage-utils: heap-based buffer overflow in show_sync_history (qlop.c)
portage-utils: stack-based buffer overflow in prepare_qfile_args (qfile.c)
paps: heap-based buffer overflow in read_file (paps.c)
postgresql: psql: heap-based buffer overflow in gets_fromFile (input.c)
desktop-file-utils: desktop-file-validate: heap-based buffer overflow in validate.c
syslog-ng: NULL pointer dereference in report_syntax_error (cfg-parser.c)
logrotate: heap-based buffer overflow in readConfigFile (config.c)
WiRouterKeyRec: divide-by-zero in agpf_get_serial (agpf.c)
libav: heap-based buffer overflow in ff_audio_resample (resample.c) CVE-2016-6832
WiRouterKeyRec: signed shift in agpf_check_agpf (agpf.c)
WiRouterKeyRec: signed integer overflow in agpf_get_serial (agpf.c)
potrace: multiple (six) heap-based buffer overflow in bm_readbody_bmp (bitmap_io.c) CVE-2016-8698
CVE-2016-8699
CVE-2016-8700
CVE-2016-8701
CVE-2016-8702
CVE-2016-8703
potrace: divide-by-zero in bm_new (bitmap.h) CVE-2016-8697
potrace: multiple (three) NULL pointer dereference in bm_readbody_bmp (bitmap_io.c) CVE-2016-8694
CVE-2016-8695
CVE-2016-8696
libav: stack-based buffer overflow in aac_sync (aac_parser.c) CVE-2016-7393
graphicsmagick: two heap-based buffer overflow in ReadTIFFImage (tiff.c) CVE-2016-7449
potrace: invalid memory access in findnext (decompose.c) CVE-2016-8685
potrace: memory allocation failure CVE-2016-8686
ettercap: etterlog: multiple (three) heap-based buffer overflow (el_profiles.c)
graphicsmagick: NULL pointer dereference in MagickStrlCpy (utility.c) CVE-2016-7449
ettercap: etterlog: NULL pointer dereference in fingerprint_search (ec_fingerprint.c)
autotrace: heap-based buffer overflow in pstoedit_suffix_table_init (output-pstoedit.c) CVE-2016-7392
libarchive: bsdtar: heap-based buffer overflow in detect_form (archive_read_support_format_mtree.c) CVE-2016-8688
libarchive: bsdtar: heap-based buffer overflow in read_Header (archive_read_support_format_7zip.c) CVE-2016-8689
libarchive: bsdtar: memory corruption/unknown-crash in bid_entry (archive_read_support_format_mtree.c) CVE-2016-8688
libarchive: bsdtar: heap-based buffer overflow in bid_entry (archive_read_support_format_mtree.c) CVE-2016-8688
libarchive: bsdtar: use-after-free in bid_entry (archive_read_support_format_mtree.c) CVE-2016-8688
libarchive: bsdtar: use-after-free in detect_form (archive_read_support_format_mtree.c) CVE-2016-8688
libarchive: bsdtar: stack-based buffer overflow in bsdtar_expand_char (util.c) CVE-2016-8687
graphicsmagick: stack-based buffer overflow in ReadSCTImage (sct.c) CVE-2016-8682
graphicsmagick: memory allocation failure in ReadPCXImage (pcx.c) CVE-2016-8683
graphicsmagick: memory allocation failure in MagickMalloc (memory.c) CVE-2016-8684
libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c) CVE-2016-7424
libav: invalid memory access in ff_put_pixels8_xy2_mmx (rnd_template.c) CVE-2016-7477
libav: divide-by-zero in sbr_make_f_master (aacsbr.c) CVE-2016-7499
mupdf: mutool: infinite loop in gatherresourceinfo (pdfinfo.c)
mupdf: use-after-free in pdf_to_num (pdf-object.c) CVE-2016-8674
mupdf: mujstest: global-buffer-overflow in my_getline (jstest_main.c) CVE-2016-10247
mupdf: mujstest: global-buffer-overflow in main (jstest_main.c) CVE-2016-10246
libav: null pointer dereference in get_vlc2 (get_bits.h) CVE-2016-8676
mupdf: mujstest: strcpy-param-overlap in main (jstest_main.c)
libdwarf: tag_tree_build and tag_attr_build: signed shift
libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c) CVE-2016-8680
libav: invalid memory access in ff_put_pixels8_mmx (fpel_mmx.c)
libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c) CVE-2016-8681
libdwarf: heap-based buffer overflow in _dwarf_get_size_of_val (dwarf_util.c) (ANOTHER ONE) CVE-2016-8679
imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) CVE-2016-8678
imagemagick: memory allocation failure in AcquireQuantumPixels (quantum.c) CVE-2016-8677
openssl: libcrypto: stack-based buffer overflow in ERR_error_string_n (err.c)
jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) CVE-2016-8690
jasper: two divide-by-zero in jpc_dec_process_siz (jpc_dec.c) CVE-2016-8691
CVE-2016-8692
jasper: double-free in mem_close (jas_stream.c) CVE-2016-8693
imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) CVE-2016-8862
jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) CVE-2016-8887
jasper: memory allocation failure in jas_malloc (jas_malloc.c) CVE-2016-8886
jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690) CVE-2016-8884
CVE-2016-8885
snzip: memory allocation failure in work_buffer_resize (snzip.c)
libwmf: memory allocation failure in wmf_malloc (api.c) CVE-2016-9011
imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862) CVE-2016-8866
jasper: NULL pointer dereference in jpc_tsfb_synthesize (jpc_tsfb.c) CVE-2016-10248
jasper: heap-based buffer overflow in jpc_dec_tiledecode (jpc_dec.c) CVE-2016-10249
jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887) CVE-2016-10250
jasper: use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) CVE-2016-10251
elfutils: memory allocation failure in __libelf_set_rawdata_wrlock (elf_getdata.c) CVE-2016-10255
elfutils: memory allocation failure in allocate_elf (common.h) CVE-2016-10254
jasper: use after free in jas_realloc (jas_malloc.c) CVE-2016-9262
libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c) CVE-2016-9275
libdwarf: heap-based buffer overflow in get_attr_value (print_die.c)
libdwarf: heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c) CVE-2016-9276
libdwarf: memory allocation failure in do_decompress_zlib (dwarf_init_finish.c)
libming: listmp3: global-buffer-overflow in printMP3Headers (listmp3.c) CVE-2016-9264
libtiff: memory allocation failure in _TIFFCheckRealloc (tif_aux.c)
libming: listmp3: divide-by-zero in printMP3Headers (listmp3.c) CVE-2016-9265
libming: listmp3: left shift in listmp3.c CVE-2016-9266
jasper: multiple Assertion failure CVE-2016-9387
CVE-2016-9388
CVE-2016-9389
CVE-2016-9390
CVE-2016-9391
CVE-2016-9392
CVE-2016-9393
CVE-2016-9394
CVE-2016-9395
CVE-2016-9396
CVE-2016-9397
CVE-2016-9398
CVE-2016-9399
imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) CVE-2016-9556
jasper: signed integer overflow in jas_image.c CVE-2016-9557
libdwarf: negation overflow in dwarf_leb.c CVE-2016-9558
imagemagick: null pointer must never be null (tiff.c) CVE-2016-9559
jasper: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) CVE-2016-9560
metapixel: heap-based buffer overflow in open_gif_file (rwgif.c)
metapixel: multiple assertion failures
libav: multiple crashes from the Undefined Behavior Sanitizer CVE-2016-9819
CVE-2016-9820
CVE-2016-9821
CVE-2016-9822
CVE-2016-9823
CVE-2016-9824
CVE-2016-9825
CVE-2016-9826
imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556) CVE-2016-9556
libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c) CVE-2016-9829
libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c) CVE-2016-9831
libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c) CVE-2016-9827
libming: listswf: NULL pointer dereference in dumpBuffer (read.c) CVE-2016-9828
graphicsmagick: memory allocation failure in MagickRealloc (memory.c) CVE-2016-9830
libtiff: multiple divide-by-zero CVE-2016-10266
CVE-2016-10267
libtiff: multiple heap-based buffer overflow CVE-2016-10092
CVE-2016-10093
CVE-2016-10094
CVE-2016-10268
CVE-2016-10269
CVE-2016-10270
CVE-2016-10271
CVE-2016-10272
libtiff: invalid memory READ in t2p_writeproc (tiff2pdf.c)
libtiff: memcpy-param-overlap in t2p_tile_collapse_left (tiff2pdf.c)
libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c) CVE-2016-10095
libtiff: assertion failure in readSeparateTilesIntoBuffer (tiffcp.c)
libtiff: NULL pointer dereference in TIFFReadRawData (tiffinfo.c)
jasper: multiple crashes with UBSAN CVE-2017-5498
CVE-2017-5499
CVE-2017-5500
CVE-2017-5501
CVE-2017-5502
jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) CVE-2017-5503
jasper: invalid memory read in jpc_undo_roi (jpc_dec.c) CVE-2017-5504
jasper: invalid memory read in jas_matrix_asl (jas_seq.c) CVE-2017-5505
jasper: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) CVE-2017-6850
jasper: invalid memory read in jas_matrix_bindsub (jas_seq.c) CVE-2017-6851
jasper: heap-based buffer overflow in jpc_dec_decodepkt (jpc_t2dec.c) CVE-2017-6852
mp3splt: NULL pointer dereference in main (mp3splt.c)
mp3splt: invalid free in free_options (options_manager.c) CVE-2017-5666
libmp3splt: NULL pointer dereference in splt_cue_export_to_file (cue.c) CVE-2017-5665
mp3splt: NULL pointer dereference in free_options (options_manager.c) CVE-2017-5851
pax-utils: scanelf: out of bounds read in scanelf_file_textrel (scanelf.c)
pax-utils: scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c)
podofo: NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp)
podofo: NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp) CVE-2017-5855
podofo: NULL pointer dereference in PdfOutputStream.cpp CVE-2017-5854
podofo: signed integer overflow in PdfParser.cpp CVE-2017-5853
podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp) CVE-2017-5852
podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp) CVE-2017-5886
pax-utils: dumpelf: multiple divide-by-zero in dumpelf.c
pax-utils: dumpelf: two invalid memory read in dumpelf.c
pax-utils: dumpelf: out of bounds read in dump_notes (dumpelf.c)
zziplib: heap-based buffer overflow in __zzip_get32 (fetch.c) CVE-2017-5974
zziplib: heap-based buffer overflow in __zzip_get64 (fetch.c) CVE-2017-5975
zziplib: heap-based buffer overflow in zzip_mem_entry_extra_block (memdisk.c) CVE-2017-5976
zziplib: invalid memory read in zzip_mem_entry_extra_block (memdisk.c) CVE-2017-5977
zziplib: NULL pointer dereference in main (unzzipcat-mem.c)
zziplib: out of bounds read in zzip_mem_entry_new (memdisk.c) CVE-2017-5978
zziplib: NULL pointer dereference in prescan_entry (fseeko.c) CVE-2017-5979
zziplib: NULL pointer dereference in zzip_mem_entry_new (memdisk.c) CVE-2017-5980
zziplib: NULL pointer dereference in main (unzzipcat.c)
zziplib: load of misaligned address in memdisk.c
zziplib: assertion failure in seeko.c CVE-2017-5981
mupdf: use-after-free in fz_subsample_pixmap (pixmap.c) CVE-2017-7264
mupdf: mujstest: stack-based buffer overflow in main (jstest_main.c) CVE-2017-6060
audiofile: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) CVE-2017-6827
audiofile: heap-based buffer overflow in readValue (FileHandle.cpp) CVE-2017-6828
audiofile: global buffer overflow in decodeSample (IMA.cpp) CVE-2017-6829
audiofile: heap-based buffer overflow in alaw2linear_buf (G711.cpp) CVE-2017-6830
audiofile: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) CVE-2017-6831
audiofile: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) CVE-2017-6832
audiofile: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) CVE-2017-6833
audiofile: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) CVE-2017-6834
audiofile: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) CVE-2017-6835
audiofile: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) CVE-2017-6836
audiofile: multiple ubsan crashes CVE-2017-6837
CVE-2017-6838
CVE-2017-6839
gnu-paxutils: multiple crashes
pax-utils: scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c)
podofo: invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp) CVE-2017-6840
podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h) CVE-2017-6841
podofo: NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp) CVE-2017-6842
podofo: heap-based buffer overflow in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h) CVE-2017-6843
podofo: global buffer overflow in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp) CVE-2017-6844
podofo: NULL pointer dereference in PoDoFo::PdfColor::operator= (PdfColor.cpp) CVE-2017-6845
podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h) CVE-2017-6846
podofo: NULL pointer dereference in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h) CVE-2017-6847
podofo: NULL pointer dereference in PoDoFo::PdfXObject::PdfXObject (PdfXObject.cpp) CVE-2017-6848
podofo: NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp) CVE-2017-6849
potrace: heap-based buffer overflow in bm_readbody_bmp (bitmap_io.c) (incomplete fix for CVE-2016-8698) CVE-2017-7263
libpcre: invalid memory read in phar (pcretest.c)
libpcre: NULL pointer dereference in main (pcretest.c)
libpcre: invalid memory read in match (pcre_exec.c) CVE-2017-7186
libpcre: two stack-based buffer overflow write in pcre32_copy_substring (pcre_get.c) CVE-2017-7245
CVE-2017-7246
libpcre: heap-based buffer overflow in regexflip8_or_16 (pcretest.c)
libpcre: invalid memory read in _pcre32_xclass (pcre_xclass.c) CVE-2017-7244
imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862 and CVE-2016-8866) CVE-2017-7275
podofo: heap-based buffer overflow in PoDoFo::PdfPainter::ExpandTabs (PdfPainter.cpp) CVE-2017-7378
podofo: heap-based buffer overflow in PoDoFo::PdfSimpleEncoding::ConvertToEncoding (PdfEncoding.cpp) CVE-2017-7379
podofo: four null pointer dereference CVE-2017-7380
CVE-2017-7381
CVE-2017-7382
CVE-2017-7383
libtiff: divide-by-zero in JPEGSetupEncode (tiff_jpeg.c) CVE-2017-7595
libtiff: multiple UBSAN crashes CVE-2017-7596
CVE-2017-7597
CVE-2017-7598
CVE-2017-7599
CVE-2017-7600
CVE-2017-7601
CVE-2017-7602
libaacplus: signed integer overflow, left shift and assertion failure CVE-2017-7603
CVE-2017-7604
CVE-2017-7605
imagemagick: undefined behavior in coders/rle.c CVE-2017-7606
elfutils: heap-based buffer overflow in handle_gnu_hash (readelf.c) CVE-2017-7607
elfutils: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) CVE-2017-7608
elfutils: memory allocation failure in __libelf_decompress (elf_compress.c) CVE-2017-7609
elfutils: heap-based buffer overflow in check_group (elflint.c) CVE-2017-7610
elfutils: heap-based buffer overflow in check_symtab_shndx (elflint.c) CVE-2017-7611
elfutils: heap-based buffer overflow in check_sysv_hash (elflint.c) CVE-2017-7612
elfutils: memory allocation failure in xcalloc (xmalloc.c) CVE-2017-7613
binutils: two NULL pointer dereference in elflink.c CVE-2017-7614
libsamplerate: global buffer overflow in calc_output_single (src_sinc.c) CVE-2017-7697
libsndfile: invalid memory READ and invalid memory WRITE in flac_buffer_copy (flac.c) CVE-2017-7741
CVE-2017-7742
libcroco: heap overflow and undefined behavior CVE-2017-7960
CVE-2017-7961
imageworsener: divide-by-zero in iwgif_record_pixel (imagew-gif.c) CVE-2017-7962
imageworsener: memory allocation failure in my_mallocfn (imagew-cmd.c) CVE-2017-8327
imageworsener: two left shift CVE-2017-8326
imageworsener: heap-based buffer overflow in iw_process_cols_to_intermediate (imagew-main.c) CVE-2017-8325
libsndfile: invalid memory read in flac_buffer_copy (flac.c) CVE-2017-8362
libsndfile: global buffer overflow in flac_buffer_copy (flac.c) CVE-2017-8361
libsndfile: heap-based buffer overflow in flac_buffer_copy (flac.c) CVE-2017-8363
libsndfile: global buffer overflow in i2les_array (pcm.c) CVE-2017-8365
libpcre: heap-based buffer overflow write in pcre2test.c CVE-2017-8786
ettercap: etterfilter: heap-based buffer overflow write CVE-2017-8366
rzip: heap-based buffer overflow in read_buf (stream.c) CVE-2017-8364
libmad: heap-based buffer overflow in mad_bit_skip (bit.c) CVE-2017-8374
libmad: heap-based buffer overflow in mad_layer_III (layer3.c) CVE-2017-8373
libmad: assertion failure in layer3.c CVE-2017-8372
telegram-desktop: insecure permission of $HOME/.TelegramDesktop directory CVE-2016-10351
libarchive: two heap-based buffer overflow read CVE-2016-10349
CVE-2016-10350
lrzip: divide-by-zero in bufRead::get (libzpaq.h) CVE-2017-8842
lrzip: NULL pointer dereference in bufRead::get (libzpaq.h) CVE-2017-8847
lrzip: NULL pointer dereference in join_pthread (stream.c) CVE-2017-8843
lrzip: invalid memory read in lzo_decompress_buf (stream.c) CVE-2017-8845
lrzip: heap-based buffer overflow write in read_1g (stream.c) CVE-2017-8844
lrzip: use-after-free in read_stream (stream.c) CVE-2017-8846
binutils: multiple crashes CVE-2017-9038
CVE-2017-9039
CVE-2017-9040
CVE-2017-9041
CVE-2017-9042
CVE-2017-9043
CVE-2017-9044
autotrace: multiple vulnerabilities (The autotrace nightmare) CVE-2017-9151
CVE-2017-9152
CVE-2017-9153
CVE-2017-9154
CVE-2017-9155
CVE-2017-9156
CVE-2017-9157
CVE-2017-9158
CVE-2017-9159
CVE-2017-9160
CVE-2017-9161
CVE-2017-9162
CVE-2017-9163
CVE-2017-9164
CVE-2017-9165
CVE-2017-9166
CVE-2017-9167
CVE-2017-9168
CVE-2017-9169
CVE-2017-9170
CVE-2017-9171
CVE-2017-9172
CVE-2017-9173
CVE-2017-9174
CVE-2017-9175
CVE-2017-9176
CVE-2017-9177
CVE-2017-9178
CVE-2017-9179
CVE-2017-9180
CVE-2017-9181
CVE-2017-9182
CVE-2017-9183
CVE-2017-9184
CVE-2017-9185
CVE-2017-9186
CVE-2017-9187
CVE-2017-9188
CVE-2017-9189
CVE-2017-9190
CVE-2017-9191
CVE-2017-9192
CVE-2017-9193
CVE-2017-9194
CVE-2017-9195
CVE-2017-9196
CVE-2017-9197
CVE-2017-9198
CVE-2017-9199
CVE-2017-9200
imageworsener: multiple vulnerabilities CVE-2017-9201
CVE-2017-9202
CVE-2017-9203
CVE-2017-9204
CVE-2017-9205
CVE-2017-9206
CVE-2017-9207
qpdf: three infinite loop in libqpdf CVE-2017-9208
CVE-2017-9209
CVE-2017-9210
ytnef: heap-based buffer overflow in PrintTNEF (ytnefprint/main.c)
ytnef: NULL pointer dereference in MAPIPrint (ytnef.c) CVE-2017-9470
ytnef: heap-based buffer overflow in SwapWord (ytnef.c) CVE-2017-9471
ytnef: heap-based buffer overflow in SwapDWord (ytnef.c) CVE-2017-9472
ytnef: memory allocation failure in TNEFFillMapi (ytnef.c) CVE-2017-9473
ytnef: heap-based buffer overflow in DecompressRTF (ytnef.c) CVE-2017-9474
lame: divide-by-zero in parse_wave_header (get_audio.c)
lame: global-buffer-overflow in II_step_one (layer2.c) CVE-2017-9869
lame: global-buffer-overflow in III_i_stereo (layer3.c) CVE-2017-9870
lame: heap-based buffer overflow in fill_buffer_resample (util.c) CVE-2015-9101
lame: stack-based buffer overflow in III_i_stereo (layer3.c) CVE-2017-9871
lame: stack-based buffer overflow in III_dequantize_sample (layer3.c) CVE-2017-9872
lame: multiple left shift
lame: two UBSAN crashes
xar: NULL pointer dereference in xar_unserialize (archive.c) CVE-2017-11124
xar: NULL pointer dereference in xar_get_path (util.c) CVE-2017-11125
mpg123: global buffer overflow in III_i_stereo (layer3.c) CVE-2017-11126
graphicsmagick: use-after-free in CloseBlob (blob.c) CVE-2017-11403
graphicsmagick: use-after-free in ReadWMFImage (wmf.c) CVE-2017-12936
graphicsmagick: invalid memory read in SetImageColorCallBack (image.c) CVE-2017-12935
graphicsmagick: heap-based buffer overflow in ReadSUNImage (sun.c) CVE-2017-12937
libfpx: double-free in DfFromLB (docfile.cxx) CVE-2017-12925
libfpx: heap-based buffer overflow in OLEStream::WriteVT_LPSTR (olestrm.cpp) CVE-2017-12919
libfpx: NULL pointer dereference in CDirectory::GetDirEntry (dir.cxx) CVE-2017-12920
libfpx: NULL pointer dereference in wchar.c CVE-2017-12922
libfpx: NULL pointer dereference in PFileFlashPixView::GetGlobalInfoProperty (f_fpxvw.cpp) CVE-2017-12921
libfpx: NULL pointer dereference in OLEStream::WriteVT_LPSTR (olestrm.cpp) CVE-2017-12923
libfpx: divide-by-zero in CDirVector::GetTable (dirfunc.hxx) CVE-2017-12924
imagemagick: use-after-free in DestroyImage (image.c) CVE-2017-12877
imagemagick: heap-based buffer overflow in .omp_outlined..32 (enhance.c) CVE-2017-12876
openjpeg: memory allocation failure in opj_aligned_alloc_n (opj_malloc.c) CVE-2017-12982
openjpeg: heap-based buffer overflow in opj_mqc_flush (mqc.c) CVE-2017-14151
openjpeg: heap-based buffer overflow in opj_write_bytes_LE (cio.c) CVE-2017-14152
openjpeg: heap-based buffer overflow in opj_t2_encode_packet (t2.c) CVE-2017-14039
openjpeg: invalid memory write in tgatoimage (convert.c) CVE-2017-14040
openjpeg: stack-based buffer overflow write in pgxtoimage (convert.c) CVE-2017-14041
graphicsmagick: memory allocation failure in MagickRealloc (memory.c) CVE-2017-14042
graphicsmagick: use-after-free in CloseBlob (blob.c) (INCOMPLETE FIX FOR CVE-2017-11403) CVE-2017-14103
libzip: memory allocation failure in _zip_cdir_grow (zip_dirent.c) CVE-2017-14107
libzip: use-after-free in _zip_buffer_free (zip_buffer.c) CVE-2017-12858
openjpeg: heap-based buffer overflow in opj_write_bytes_LE (cio.c) (INCOMPLETE FIX FOR CVE-2017-14152) CVE-2017-14164
graphicsmagick: memory allocation failure in MagickMalloc (memory.c) CVE-2017-14165
libarchive: heap-based buffer overflow in xml_data (archive_read_support_format_xar.c) CVE-2017-14166
aacplusenc: NULL pointer dereference in DeleteBitBuffer (bitbuffer.c) CVE-2017-14181
mp3gain: stack-based buffer overflow in filterYule (gain_analysis.c) CVE-2017-14407
mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL/interface.c) CVE-2017-14406
mp3gain: stack-based buffer overflow in copy_mp (mpglibDBL/interface.c) CVE-2017-14411
mp3gain: memcpy-param-overlap in set_pointer (mpglibDBL/common.c)
mp3gain: global buffer overflow in III_dequantize_sample (mpglibDBL/layer3.c) CVE-2017-14409
mp3gain: stack-based buffer overflow in dct36 (mpglibDBL/layer3.c) CVE-2017-14408
mp3gain: invalid memory write in copy_mp (mpglibDBL/interface.c) CVE-2017-14412
mp3gain: global buffer overflow in III_i_stereo (mpglibDBL/layer3.c) CVE-2017-14410
bento4: heap-based buffer overflow in AP4_BitStream::ReadBytes (Ap4BitStream.cpp) CVE-2017-14645
bento4: NULL pointer dereference in AP4_Atom::SetType (Ap4Atom.h) CVE-2017-14638
bento4: NULL pointer dereference in AP4_AtomSampleTable::GetSample (Ap4AtomSampleTable.cpp) CVE-2017-14640
bento4: NULL pointer dereference in AP4_DataAtom::~AP4_DataAtom (Ap4MetaData.cpp) CVE-2017-14641
bento4: NULL pointer dereference in AP4_StdcFileByteStream::ReadPartial (Ap4StdCFileByteStream.cpp) CVE-2017-14642
bento4: heap-based buffer overflow in AP4_HdlrAtom::AP4_HdlrAtom (Ap4HdlrAtom.cpp) CVE-2017-14644
bento4: heap-based buffer overflow in AP4_BytesToUInt32BE (Ap4Utils.h) CVE-2017-14643
bento4: heap-based buffer overflow in AP4_DataBuffer::SetData (Ap4DataBuffer.cpp) CVE-2017-14646
bento4: stack-based buffer overflow in AP4_VisualSampleEntry::ReadFields (Ap4SampleEntry.cpp) CVE-2017-14647
bento4: stack-based buffer underflow in AP4_VisualSampleEntry::ReadFields (Ap4SampleEntry.cpp) CVE-2017-14639
bladeenc: global buffer overflow in iteration_loop (loop.c) CVE-2017-14648
graphicsmagick: assertion failure in pixel_cache.c CVE-2017-14649
binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) CVE-2017-14729
binutils: memory allocation failure in _bfd_elf_slurp_version_tables (elf.c) CVE-2017-14938
binutils: NULL pointer dereference in scan_unit_for_symbols (dwarf2.c) CVE-2017-14940
binutils: heap-based buffer overflow in read_1_byte (dwarf2.c) CVE-2017-14939
binutils: infinite loop in find_abstract_instance_name (dwarf2.c) CVE-2017-15024
binutils: divide-by-zero in decode_line_info (dwarf2.c) CVE-2017-15025
binutils: heap-based buffer overflow in bfd_getl32 (opncls.c) CVE-2017-15021
binutils: NULL pointer dereference in concat_filename (dwarf2.c) CVE-2017-15023
binutils: NULL pointer dereference in bfd_hash_hash (hash.c) CVE-2017-15022
binutils: heap-based buffer overflow in parse_die (dwarf1.c) CVE-2017-15020
Why I stopped fuzzing research
re2c: heap overflow in Scanner::fill (scanner.cc) CVE-2020-11958

All advisories are also grouped under the tag advisories
