Ubuntu Security Update USN-5389-1: Libcroco vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,969
Reaction score
80
Credits
-1,257
It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-7960) It was discovered that Libcroco was incorrectly handling invalid UTF-8 values when processing CSS files. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-8834, CVE-2017-8871) It was discovered that Libcroco was incorrectly implementing recursion in one of its parsing functions, which could cause an infinite recursion loop and a stack overflow due to stack consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-12825)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-6958-1: Libcroco vulnerabilities
Replies
0
Views
441
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8294-1: PostgreSQL vulnerabilities
Replies
0
Views
134
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8292-1: libarchive vulnerabilities
Replies
0
Views
108
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8080-1: YARA vulnerabilities
Replies
0
Views
179
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8248-1: NASM vulnerabilities
Replies
0
Views
93
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 2,040 (members: 7, guests: 2,033)

Latest posts

Top