FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-06 21:13:35 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
d487d4fc-43a8-11ed-8b01-b42e991fc52e	zydis -- heap buffer overflow Zyantific reports: Zydis users of versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize the string object within the formatter buffer, forgetting to initialize a few fields, leaving their value to chance. This could then in turn cause zycore functions like ZyanStringAppend to make incorrect calculations for the new target size, resulting in heap memory corruption. Discovery 2021-11-08 Entry 2022-10-04 zydis < 3.2.1 CVE-2021-41253 https://www.cvedetails.com/cve/CVE-2021-41253

VuXML ID

Description

d487d4fc-43a8-11ed-8b01-b42e991fc52e

zydis -- heap buffer overflow

Zyantific reports:

Zydis users of versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize the string object within the formatter buffer, forgetting to initialize a few fields, leaving their value to chance. This could then in turn cause zycore functions like ZyanStringAppend to make incorrect calculations for the new target size, resulting in heap memory corruption.

Discovery 2021-11-08
Entry 2022-10-04
zydis

< 3.2.1

CVE-2021-41253
https://www.cvedetails.com/cve/CVE-2021-41253