The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2017-15046 | LAME 3.99.5 has a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412. | MEDIUM | Oct 6, 2017 | 10.17.41.13 (Wind River Linux LTS 17) |
CVE-2017-15225 | _bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. | MEDIUM | Oct 10, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-15268 | Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | MEDIUM | Oct 12, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-15286 | SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | MEDIUM | Oct 12, 2017 | 10.17.41.8 (Wind River Linux LTS 17) |
CVE-2017-15298 | Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk. | MEDIUM | Oct 14, 2017 | 10.17.41.16 (Wind River Linux LTS 17) |
CVE-2017-15299 | The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call. | MEDIUM | Oct 14, 2017 | 10.17.41.3 (Wind River Linux LTS 17) |
CVE-2017-2888 | An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability. | MEDIUM | Oct 11, 2017 | 10.17.41.15 (Wind River Linux LTS 17) |
CVE-2017-12153 | A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash. | MEDIUM | Sep 21, 2017 | 10.17.41.2 (Wind River Linux LTS 17) |
CVE-2017-12837 | Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (crash) via a crafted regular expression with the case-insensitive modifier. | MEDIUM | Sep 19, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12883 | Buffer overflow in the regular expression parser in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (crash) or leak data from memory via vectors involving use of RExC_parse in the vFAIL macro. | MEDIUM | Sep 19, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14160 | The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. | MEDIUM | Sep 21, 2017 | 10.17.41.8 (Wind River Linux LTS 17) |
CVE-2017-14245 | An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | MEDIUM | Sep 21, 2017 | 10.17.41.11 (Wind River Linux LTS 17) |
CVE-2017-14246 | An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | MEDIUM | Sep 21, 2017 | 10.17.41.11 (Wind River Linux LTS 17) |
CVE-2017-14340 | The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory. | MEDIUM | Sep 19, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14489 | The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation. | Medium | Sep 20, 2017 | 10.17.41.2 (Wind River Linux LTS 17) |
CVE-2017-14501 | An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. | Medium | Sep 20, 2017 | 10.17.41.11 (Wind River Linux LTS 17) |
CVE-2017-14502 | read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. | Medium | Sep 20, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14503 | libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. | Medium | Sep 20, 2017 | 10.17.41.11 (Wind River Linux LTS 17) |
CVE-2017-14529 | The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. | Medium | Sep 21, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14633 | In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). | MEDIUM | Sep 21, 2017 | 10.17.41.3 (Wind River Linux LTS 17) |
CVE-2017-14634 | In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | MEDIUM | Sep 21, 2017 | 10.17.41.3 (Wind River Linux LTS 17) |
CVE-2017-14729 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | MEDIUM | Sep 25, 2017 | 10.17.41.8 (Wind River Linux LTS 17) |
CVE-2017-7544 | libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure. | MEDIUM | Sep 21, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-9798 | Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user\'s .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c. | MEDIUM | Sep 20, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-11185 | The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. | MEDIUM | Aug 18, 2017 | 10.17.41.6 (Wind River Linux LTS 17) |
CVE-2017-12862 | In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12863 | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has a integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12864 | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12944 | The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | MEDIUM | Aug 18, 2017 | 10.17.41.13 (Wind River Linux LTS 17) |
CVE-2017-13710 | The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | MEDIUM | Aug 27, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-0379 | Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c. | Medium | Sep 5, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13673 | The vga display update in Qemu 2.8.0 through 2.9.0 mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function. | Medium | Sep 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13685 | The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. | Medium | Aug 30, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13711 | Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets. | Medium | Sep 5, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13712 | NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument. | Medium | Sep 1, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13726 | There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | Medium | Aug 31, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13727 | There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | Medium | Aug 31, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13733 | There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | Medium | Aug 30, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-13757 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. | Medium | Aug 31, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14058 | In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop). | Medium | Sep 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14107 | The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive. | Medium | Sep 5, 2017 | 10.17.41.9 (Wind River Linux LTS 17) |
CVE-2017-14128 | The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | Medium | Sep 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14129 | The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | Medium | Sep 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14130 | The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. | Medium | Sep 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-14136 | OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12597. | Medium | Sep 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14166 | libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c. | Medium | Sep 8, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14169 | In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3, an integer signedness error might occur when a crafted file, which claims a large item_num field such as 0xffffffff, is provided. As a result, the variable item_num turns negative, bypassing the check for a large value. | Medium | Sep 8, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14225 | The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. (It is also conceivable that there is security relevance for a NULL pointer dereference in av_color_primaries_name calls within the ffprobe command-line program.) | MEDIUM | Sep 9, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-14228 | In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service. | MEDIUM | Sep 9, 2017 | 10.17.41.3 (Wind River Linux LTS 17) |
CVE-2017-14333 | The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during readelf -a execution. | MEDIUM | Sep 12, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |