Security News

CVE-2017-15820

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur.
Categories: Security News

CVE-2017-15829

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.
Categories: Security News

CVE-2017-15860

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur.
Categories: Security News

CVE-2017-15861

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.
Categories: Security News

CVE-2017-15862

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow.
Categories: Security News

CVE-2017-17764

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow.
Categories: Security News

CVE-2017-17765

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow.
Categories: Security News

CVE-2017-17767

National Vulnerability Database - Fri, 02/23/2018 - 18:29
In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer.
Categories: Security News

CVE-2018-1305

National Vulnerability Database - Fri, 02/23/2018 - 18:29
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
Categories: Security News

CVE-2018-7330

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.
Categories: Security News

CVE-2018-7331

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length.
Categories: Security News

CVE-2018-7332

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.
Categories: Security News

CVE-2018-7333

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.
Categories: Security News

CVE-2018-7334

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.
Categories: Security News

CVE-2018-7335

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.
Categories: Security News

CVE-2018-7336

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
Categories: Security News

CVE-2018-7337

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
Categories: Security News

CVE-2018-7417

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.
Categories: Security News

CVE-2018-7418

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
Categories: Security News

CVE-2018-7419

National Vulnerability Database - Fri, 02/23/2018 - 17:29
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.
Categories: Security News

Pages