In BlueZ 5.42, a buffer over-read was identified in the “l2cap_packet” function in the “monitor/packet.c” source file. This issue can be triggered by processing a corrupted dump file and will result in a btmon crash.
Monthly Archives: December 2016
CVE-2016-9803
In BlueZ 5.42, an out-of-bounds read was observed in the “le_meta_ev_dump” function in the “tools/parser/hci.c” source file. This issue exists because ‘subevent’ (which is used to read the correct element from the ‘ev_le_meta_str’ array) is overflowed.
CVE-2016-9804
In BlueZ 5.42, a buffer overflow was observed in the “commands_dump” function in the “tools/parser/csr.c” source file. The issue exists because the “commands” array is overflowed by the supplied parameter due to a lack of boundary checks on the size of the buffer from the frame “frm->ptr” parameter. This issue can be triggered by processing a corrupted dump file and will result in an hcidump crash.
Vuln: LibTIFF 'NeXTDecode()' Function Out of Bounds Write Memory Corruption Vulnerability
Vuln: libTIFF CVE-2016-5320 Remote Code Execution Vulnerability
Vuln: Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
Vuln: Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
GLSA 201612-03: libsndfile: Multiple vulnerabilities
Gentoo Linux Security Advisory 201612-02
Gentoo Linux Security Advisory 201612-2 – A vulnerability in DavFS2 allows local users to gain root privileges. Versions less than 1.5.2 are affected.
Gentoo Linux Security Advisory 201612-01
Gentoo Linux Security Advisory 201612-1 – Due to a design flaw, the output of GnuPG’s Random Number Generator (RNG) is predictable. Versions less than 1.4.21 are affected.