Gnu: Security Vulnerabilities
Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
CVSS Score
6.5
EPSS Score
0.048
Published
2023-08-22
Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
CVSS Score
6.5
EPSS Score
0.048
Published
2023-08-22
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-14
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-14
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-07-25
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-07-25
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-07-25
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-07-20
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-07-20
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-07-20