» 2022 » 8월

CVE-2022-25635

Posted on 2022년 8월 30일2022년 8월 30일 by admin

CVE-2022-25635

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service.

Source: CVE-2022-25635

CVE-2022-26527

Posted on 2022년 8월 30일2022년 8월 30일 by admin

CVE-2022-26527

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packetsâ€™ reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.

Source: CVE-2022-26527

CVE-2022-24107

Posted on 2022년 8월 30일2022년 8월 30일 by admin

CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

Source: CVE-2022-24107

CVE-2022-24106

Posted on 2022년 8월 30일2022년 8월 30일 by admin

CVE-2022-24106

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the ‘interleaved’ flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

Source: CVE-2022-24106

CVE-2022-38784

Posted on 2022년 8월 30일2022년 8월 30일 by admin

CVE-2022-38784

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.

Source: CVE-2022-38784