CVE-2018-8637
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization KASLR bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Window...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08762)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...
kernel: Missing permission check in move_pages system call
The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable, defeating the protection ASLR is meant to provide...
kernel: unlimiting the stack disables ASLR
A weakness was found in the Linux ASLR implementation. Any user able to run 32-bit applications on an x86 machine can disable ASLR by setting the RLIMIT_STACK resource to unlimited...
Meltdown and Spectre
Cisco Talos is aware of three new vulnerabilities impacting Intel, AMD, Qualcomm and ARM processors used by almost all computers. We are investigating these issues and although we have not observed exploitation of these vulnerabilities in the wild, that does not mean that it has not occurred. We...
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2018-00521)
Microsoft Windows 7 SP1 and others are products of Microsoft Corporation in the United States. Microsoft Windows 7 SP1 is an operating system for personal computers; Windows Server 2008 SP2 is a server operating system. The kernel is the core component of these systems. An information disclosure vulnerability exists...
Linux Kernel Information Disclosure Vulnerability (CNVD-2018-00596)
The Linux Kernel is the kernel of the Linux operating system. Linux kernel 3.3-rc1 and later have an information disclosure vulnerability in their implementation that can be exploited by an attacker to bypass KASLR security restrictions...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2017-30125)
Microsoft Windows Server 2012 R2 and others are operating systems released by Microsoft Corporation in the United States. The kernel is the core component of these systems. An information disclosure vulnerability exists in the kernel in Microsoft Windows. A local attacker can exploit this vulnerability to retrieve...
Microsoft Windows kernel information disclosure vulnerability (CNVD-2017-32963)
Microsoft Windows Server 2008 SP2 is one of a series of operating systems released by Microsoft. The kernel component is the core component of the system. An information disclosure vulnerability exists in the kernel component of Microsoft Windows, which arises from a program's failure to properly initialize...
DEBIAN-CVE-2017-14140
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...
UBUNTU-CVE-2017-13694
The acpi_ps_complete_final_op function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism ...
Linux kernel 'acpi_ns_terminate()' function sensitive information disclosure vulnerability
Linux is an open source operating system. A security vulnerability in the 'acpi_ns_terminate' function in the Linux drivers/acpi/acpica/nsutils.c file allows local attackers to exploit the vulnerability by submitting a special request, obtaining sensitive information, and bypassing the KASLR...
NetBSD operating system vulnerability allowing an attacker to execute arbitrary code
The vulnerability in the NetBSD operating system arises from ld.so accessing memory outside a buffer on the stack when ASLR is enabled. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
DEBIAN-CVE-2017-10916
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...
ALPINE-CVE-2017-10916
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...
Xen vCPU context-switch implementation process security bypass vulnerability
Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability in Xen's vCPU context-switch implementation allows an attacker to exploit the vulnerability to compromise ASLR and other protection mechanisms...
Mozilla: asm.js JIT-spray bypass of ASLR and DEP (MFSA 2017-06)
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...