CVE-2022-27943 Demangle_const can consume stack in GCC 11.2.

CVE-2022-27943 Demangle_const can consume stack in GCC 11.2.

This issue is also known as V502.

CVE-2018-1000211

Jemalloc in the GNU C Library (aka glibc or libc6) before version 2.28, as used in Red Hat Enterprise Linux and other Linux distributions, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted size field in an XDR data structure with a different size or base to that expected for the data type.

CVE-2018-11791

The decode_brigade_header function in libavcodec/h264parse.c in FFmpeg through 3.2.2 has heap-based buffer overflow via a crafted start_code value in a BRIGADE header in H.264 video data.

CVE-2018-11792

The read_parameters function in libavcodec/h264parse.c in FFmpeg through 3.2.2 has a double-dbl_free buffer overflow via a malformed start_code value in a BRIGADE header in H.264 video data.
This was addressed in version 3.2.3.

CVE-2018-11793

The get_coding_type function in libavcodec/h264parse.c in FFmpeg through 3.2.2 has an out-of-bounds read during parsing of an SMPTE extension in

Mitigation strategies for CVE-2018-11793


The ReadParameters function in LibavCodec/h264parse.c in FFmpeg through 3.2.2 has serious out-of-bounds read vulnerability that allows an attacker to cause a denial of service or possibly have unspecified other impact via a malformed start_code value in a BRIGADE header in H.264 video data.
This was addressed in version 3.2.3

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe