The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2017-12678 | In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | MEDIUM | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12799 | The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | MEDIUM | Aug 10, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12837 | Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (crash) via a crafted regular expression with the case-insensitive modifier. | MEDIUM | Sep 19, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12862 | In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12863 | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has a integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12864 | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12865 | Stack-based buffer overflow in dnsproxy.c in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the name variable. | High | Sep 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12883 | Buffer overflow in the regular expression parser in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (crash) or leak data from memory via vectors involving use of RExC_parse in the vFAIL macro. | MEDIUM | Sep 19, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12944 | The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | MEDIUM | Aug 18, 2017 | 10.17.41.13 (Wind River Linux LTS 17) |
CVE-2017-12967 | The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary. | Medium | Aug 21, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-13077 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the pairwise key in the four-way handshake. | MEDIUM | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13078 | Wi-Fi Protected Access (WPA and WPA2) allowsreinstallation of the group key in the Four-way handshake. | LOW | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13079 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key in the Four-way handshake. | LOW | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13080 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the group key in the Group Key handshake. | LOW | Oct 16, 2017 | 10.17.41.25 (Wind River Linux LTS 17) |
CVE-2017-13081 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key in the Group Key handshake. | LOW | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13082 | Wi-Fi Protected Access (WPA and WPA2) accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it. | MEDIUM | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13086 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. | MEDIUM | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13087 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. | LOW | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13088 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. | LOW | Oct 16, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13089 | The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk\'s length, but doesn\'t check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. | HIGH | Oct 28, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13090 | The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk\'s length, but doesn\'t check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. The attacker can corrupt malloc metadata after the allocated buffer. | HIGH | Oct 28, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13168 | An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. | MEDIUM | Dec 6, 2017 | 10.17.41.17 (Wind River Linux LTS 17) |
CVE-2017-13672 | QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. | Low | Sep 5, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13673 | The vga display update in Qemu 2.8.0 through 2.9.0 mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function. | Medium | Sep 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13685 | The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. | Medium | Aug 30, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13710 | The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | MEDIUM | Aug 27, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-13711 | Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets. | Medium | Sep 5, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13712 | NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument. | Medium | Sep 1, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13716 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | High | Aug 30, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-13720 | In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because \'\\0\' characters are incorrectly skipped in situations involving ? characters. | LOW | Oct 11, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13721 | In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. | LOW | Oct 9, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13722 | In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server. | LOW | Oct 11, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13723 | In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. | MEDIUM | Oct 9, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13726 | There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | Medium | Aug 31, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13727 | There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | Medium | Aug 31, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13733 | There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | Medium | Aug 30, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13757 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. | Medium | Aug 31, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14054 | In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted IVR file, which claims a large len field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would consume huge CPU resources, since there is no EOF check inside the loop. | High | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14055 | In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large nb_frames field in the header but does not contain sufficient backing data, is provided, the loop over the frames would consume huge CPU and memory resources, since there is no EOF check inside the loop. | High | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14056 | In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted RL2 file, which claims a large frame_count field in the header but does not contain sufficient backing data, is provided, the loops (for offset and size tables) would consume huge CPU and memory resources, since there is no EOF check inside these loops. | High | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14057 | In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file, which claims a large name_len or count field in the header but does not contain sufficient backing data, is provided, the loops over the name and markers would consume huge CPU and memory resources, since there is no EOF check inside these loops. | High | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14058 | In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop). | Medium | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14059 | In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large duration field in the header but does not contain sufficient backing data, is provided, the image-offset parsing loop would consume huge CPU and memory resources, since there is no EOF check inside the loop. | High | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14064 | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a \'\\0\' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. | HIGH | Aug 31, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14107 | The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive. | Medium | Sep 5, 2017 | 10.17.41.9 (Wind River Linux LTS 17) |
CVE-2017-14128 | The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | Medium | Sep 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14129 | The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | Medium | Sep 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14130 | The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. | Medium | Sep 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14136 | OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597. | Medium | Sep 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14160 | The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. | MEDIUM | Sep 21, 2017 | 10.17.41.8 (Wind River Linux LTS 17) |