Apple macOS - '32-bit syscall exit' Kernel Register Leak

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1149 The XNU kernel, when compiled for a x86-64 CPU, can run 32-bit x86 binaries in compatibility mode. 32-bit binaries use partly separate syscall entry and exit paths. To return to userspace, unixsyscall in...

CVE-2016-4997

A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...

CVE-2014-5147

CVE-2014-5147 affects Xen 4.4.x on 64-bit ARM; the hypervisor fails to properly handle traps from a guest domain that use a different address width. This can allow local guest users to trigger a denial of service (host crash) via a crafted 32-bit process. The connected sources (SU​SE, Red Hat, De...

[DLL Magic] Tool to Hide DLL in any Windows Process

DLL Magic is the simple command-line tool to Hide DLL in any Windows Process. Every Process maintains internal database of loaded Modules/DLLs in the form of three linked lists. Each of these linked list represents the order in which DLLs are loaded, here are they Load Order Memory Order...