The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow.
Monthly Archives: October 2016
NVIDIA 0x7000014 Missing Bounds Check / Buffer Overflow
There is a missing bounds check in inner loop of the escape handler for 0x7000014 that leads to a stack buffer overflow.
Gentoo Linux Security Advisory 201610-09
Gentoo Linux Security Advisory 201610-9 – Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 54.0.2840.59 are affected.
CVE-2016-9112
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.
NVIDIA 0x70000d5 DxgkDdiEscape Handler Bounds Checking
The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks.
NVIDIA 0x7000170 DxgkDdiEscape Handler Bounds Checking
The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writing output.
Google to Make Certificate Transparency Mandatory By 2017
In a move to bolster security for the Chrome browser, Google sets a date for making Certificate Transparency mandatory for website owners.
NVIDIA 0x100009a DxgkDdiEscape Handler Bounds Checking
The DxgkDdiEscape handler for escape 0x100009a lacks proper bounds checks.
mingw-libwebp-0.5.1-2.fc25
This update backports an upstream patch to fix multiple integer overflows (CVE-2016-9085).
mingw-libwebp-0.5.1-2.fc24
This update backports an upstream patch to fix multiple integer overflows (CVE-2016-9085).