Medium: bind

Issue Overview: Crash from assertion error when debug log level is 10 and log entries meet buffer boundary. This flaw appears to be exploitable only when debug logging is enabled and set to at least a level of 10. As this configuration should be rare in production instances of bind, it is unlikel...

Android - binder Use-After-Free via racy Initialization of ->allow_user_free Exploit

Android - binder Use-After-Free via racy Initialization of -allowuserfree Exploit The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. Th...

java-1.7.0-openjdk security update

1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...

java-1.7.0-openjdk security update

1:1.7.0.211-2.6.17.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.211-2.6.17.1 - Produce debug symbols for libpulse-java.so - Set ITCFLAGS=-g so that debug symbols for the pulse audio - native library are being produced. This is needed to fix - rpmdiff errors of missing .debuginfo in...

Xiaomi perseus-p-oss MIX 3 integer overflow vulnerability

Xiaomi perseus-p-oss MIX 3 is a smartphone from Chinese company Xiaomi Technology Xiaomi. Xiaomi perseus-p-oss MIX 3 An integer overflow vulnerability exists in the sdeevtlogfilterwrite method of the drivers/gpu/drm/msm/sdedbg.c file in the Xiaomi perseus-p-oss MIX 3 on 2018-11-26 and earlier...

chrome-js (>=0.1.8 <=0.2.0), cpos (>=0.1.3 <=0.1.9) +20 more potentially affected by CVE-2016-10580 via nodewebkit (>=0.10.0-rc1-3 <=0.11.6)

nodewebkit NPM version =0.10.0-rc1-3, =0.1.8, =0.1.3, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =0.0.24, =1.6.1, =0.0.0, =0.1.0, =1.0.1, =0.0.0, =0.0.22 and more Source cves: CVE-2016-10580 Source advisory: OSV:GHSA-GC6C-5V9W-XMHW...

Notepad++: Command injection by setting a custom search engine

Summary: Arbitrary commands can be injected when using the "Search on Internet" function with a malicious custom search engine. The custom search engine can be set through the GUI or the config files, with different attack scenarios. Description: The "Search on Internet" context menu functionalit...

USN-3871-4: Linux kernel (HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.0...

Android - binder Use-After-Free of VMA via race Between reclaim and munmap Exploit

Android - binder Use-After-Free of VMA via race Between reclaim and munmap The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. There is ...

The vulnerability of the `load_specificdebug_section` function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the GNU Binutils development tool is related to a numerical overflow of the loadspecific DebugSection function in objdump.c, which results in the allocation of zero-sized memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

Android - binder Use-After-Free of VMA via race Between reclaim and munmap

The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. There is a race condition between the direct reclaim path enters binder through the...

Avast Anti-Virus 19.1.2360 - Local Credentials Disclosure

Avast Anti-Virus 19.1.2360 - Local Credentials Disclosure Exploit Title: Avast Anti-Virus Local Credentials Disclosure 19.1.2360 Date: 01/18/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Version: before 19.1.2360 build 19.1.4142.0 Tested on: Windows 10 x64 CVE: CVE-2018-12572...

Ubuntu 18.04 LTS : Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities (USN-3871-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-3 advisory. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to...

USN-3871-3: Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

USN-3871-4: Linux kernel (HWE) vulnerabilities

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem...

USN-3871-2: Linux kernel regression

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the metabg option enabled. This update fixes the problems. We apologize for the inconvenience. Original...

Pown Recon - A Powerful Target Reconnaissance Framework Powered By Graph Theory

Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of flat table representation is that it is easier to find the relationships between different types of information which comes quite handy in many situations. Graph theory algorithms...

bind security update

32:9.9.4-73 - Fixes debug level comments 1647539...

Linux kernel information disclosure vulnerability (CNVD-2019-38531)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'hiddebugeventsread' function in the drivers/hid/hid-debug.c file in the Linux kernel. A local attacker could exploit this...

RHEL 7 : bind (RHSA-2019:0194)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0194 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable...