Full Disclosure

Syndicate content
A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 10 hours 47 min ago

CVEs based on commit messages

27 January, 2024 - 17:03

Posted by Mark Esler on Jan 27

Dear Meng Rujie,

In regards to your recent FD posts, are you requesting CVEs based on the
presence of strings in commit messages such as "null pointer dereference"?

Are you reaching out to each upstream project before assigning a CVE? Do
you believe that every null pointer bug is a vulnerability? What impact
are you hoping to achieve?

Please reconsider how you are requesting CVEs.

CVE assignment based on commit message allows...

Re: null pointer deference in nano via read_the_list()

27 January, 2024 - 17:03

Posted by Mark Esler on Jan 27

Hi Meng,

In your recent mass posts to FD, are you reporting vulnerabilities or
bug reports which have words like "segfault" in the title? What benefit
do you see this having? Have you spoken to each upstream project before
requesting a CVE be assigned?

Thank you,
Mark Esler

Re: NULL pointer dereference in freedesktop Mesa via check_xshm()

27 January, 2024 - 17:01

Posted by Dan Cross on Jan 27

I find it very difficult to believe that every NULL pointer error in
existence is a security vulnerability.

- Dan C.

Re: Null pointer dereference in Xedit

27 January, 2024 - 17:01

Posted by Alan Coopersmith on Jan 27

I will be asking that this CVE be withdrawn on behalf of the X.Org security team.

While it is a low-priority bug, we did not see any security exposure
when this bug was first brought to our attention because there is no
way for an attacker to change the contents of the lisp.lsp file or to
cause a *.lsp file to be loaded for another user.

The bug report states "replace /usr/local/lib/X11/xedit/lisp/lisp.lsp with
the attached version,"...

Buffer overflow in Sane

26 January, 2024 - 10:11

Posted by Meng Ruijie on Jan 26

[Vulnerability description]
A buffer overflow existed in Sane v.1.2.1 via a crafted config file to the init_options() function.

[Vulnerability Type]
Buffer Overflow

[Vendor of Product]
sane

[Affected Product Code Base]
sane - 1.2.1

[Reference]
https://gitlab.com/sane-project/backends/-/issues/709

[CVE Reference]
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2023-46052 to this
vulnerability.

null pointer deference in tex-live

26 January, 2024 - 10:11

Posted by Meng Ruijie on Jan 26

[Vulnerability description]
A null pointer deference existed in tex-live v.944e257 via a crafted file to the texk/web2c/pdftexdir/tounicode.c
function.

[VulnerabilityType Other]
null pointer deference

[Vendor of Product]
tex-live

[Affected Product Code Base]
tex-live - 944e257

[Reference]
https://tug.org/pipermail/tex-live/2023-August/049406.html

[CVE Reference]
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned...

null pointer deference in MiniZinc via a crafted Preferences.json file

26 January, 2024 - 10:11

Posted by Meng Ruijie on Jan 26

[Vulnerability description]
A null pointer deference existed in MiniZinc v.2.7.6 via a crafted Preferences.json file.

[VulnerabilityType Other]
null pointer deference

[Vendor of Product]
MiniZinc

[Affected Product Code Base]
MiniZinc - 2.7.6

[Reference]
https://github.com/MiniZinc/libminizinc/issues/729

[CVE Reference]
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2023-46050 to this...