Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-42198: A NULL pointer dereference exists in the function swf_GetBits in rfxswf.c · Issue #168 · matthiaskramm/swftools

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service.

CVE
Open in Source
#ubuntu#linux#dos#c++

system info

Ubuntu x86_64, clang 6.0, swfdump (latest master a9d5082)

Command line

./src/swfdump -D @@

AddressSanitizer output

==41593==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000471fac bp 0x0ffffed896e0 sp 0x7fffffffdd30 T0)
#0 0x471fab in swf_GetBits /test/swftools-asan/lib/rfxswf.c:213
#1 0x478bf8 in swf_GetMatrix /test/swftools-asan/lib/rfxswf.c:867
#2 0x414975 in handlePlaceObject /test/swftools-asan/src/swfdump.c:831
#3 0x409acd in main /test/swftools-asan/src/swfdump.c:1604
#4 0x7ffff68a683f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2083f)
#5 0x40c168 in _start (/test/swftools-asan/src/swfdump+0x40c168)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /test/swftools-asan/lib/rfxswf.c:213 swf_GetBits
==41593==ABORTING

POC
swf_GetBits_null_poc

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE