Lucene search
K

40 matches found

OSV
OSV
added 2023/05/16 2:11 p.m.15 views

USN-6080-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7AI score0.00635EPSS
Exploits1References11
OSV
OSV
added 2023/02/15 11:5 p.m.13 views

USN-5877-1 linux-gke-5.15 vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.4AI score0.02014EPSS
Exploits6References29
OSV
OSV
added 2023/01/19 8:7 p.m.14 views

USN-5815-1 linux-bluefield vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7AI score0.01429EPSS
Exploits3References12
OSV
OSV
added 2023/01/09 8:8 p.m.11 views

USN-5792-2 linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

7.8CVSS7AI score0.01429EPSS
Exploits3References14
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-5790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.00645EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/01/06 10:52 p.m.106 views

USN-5793-1: Linux kernel vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01429EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/01/06 10:24 p.m.134 views

USN-5792-1: Linux kernel vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.6 views

PT-2022-33842 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue concerns the android: binder, specifically stopping the saving of a pointer to the VMA. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.1 views

PT-2022-33489 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue concerns the android: binder, where a pointer to the VMA is saved. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.2AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/03/11 3:20 p.m.64 views

CVE-2021-39686

A race condition was found in the Linux kernel Android binder driver. The driver is not included to the other kernels, apart from Android devices. This issue could allow a local user to crash the system or potentially escalate their privileges on the system...

8.4CVSS5.1AI score0.00145EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/03/06 12:0 a.m.45 views

Debian DLA-2114-1 : linux-4.9 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-13093, CVE-2018-13094 Wen Xu from SSLab at Gatech reported several NULL pointer dereference flaws that may be triggered when mounting and...

10CVSS8.2AI score0.72105EPSS
Exploits38References62
Debian
Debian
added 2020/03/02 6:14 p.m.126 views

[SECURITY] [DLA 2114-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.210-1deb8u1 CVE ID : CVE-2018-13093 CVE-2018-13094 CVE-2018-20976 CVE-2018-21008 CVE-2019-0136 CVE-2019-2215 CVE-2019-10220 CVE-2019-14615 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15098...

10CVSS7.6AI score0.72105EPSS
Exploits38
Check Point Advisories
Check Point Advisories
added 2020/01/15 12:0 a.m.17 views

Android Binder Use After Free (CVE-2019-2215)

A use-after-free vulnerability exists in Android Binder. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS5.4AI score0.72105EPSS
Exploits27
BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.5 views

Vulnerability of the driver /drivers/android/binder.c in the Android operating system, allowing a hacker to gain full control over the device

The vulnerability in the Android operating system’s driver/driver/binder.c code relates to the use of memory after it is freed. Exploiting this vulnerability can allow a hacker to gain full control over the device by using a specially created application...

7.3CVSS5.6AI score0.72105EPSS
Exploits27References6Affected Software1
CNVD
CNVD
added 2017/12/06 12:0 a.m.4 views

Google Android Binder Qualcomm Component Elevation of Privilege Vulnerability

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Google Android Binder Qualcomm component. An attacker can exploit this vulnerability to achieve elevation of privile...

7.8CVSS7.1AI score0.00127EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/01/18 12:0 a.m.8 views

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Binder application configuration in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.6CVSS7.5AI score0.01296EPSS
Exploits0References2
0day.today
0day.today
added 2016/12/30 12:0 a.m.35 views

Android tlc_server Heap Overflow Vulnerability

Android suffers from a heap overflow vulnerability in the tlcserver via the LOADTUIRESOURCE command. Android: Heap-overflow in "tlcserver" via LOADTUIRESOURCE command As a part of the TrustZone framework available on Samsung devices, Samsung provides an Android daemon which enables communication...

7.2AI score
Exploits0
OSV
OSV
added 2016/05/09 10:59 a.m.4 views

CVE-2016-2440

libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bug 27252896...

7.8CVSS7.3AI score0.00464EPSS
Exploits0References2
CNVD
CNVD
added 2016/05/06 12:0 a.m.6 views

Android Binder Elevation of Privilege Vulnerability

Android is an open source operating system based on Linux. Android Binder has a security vulnerability that allows a remote attacker to build malicious apps with elevated privileges...

9.3CVSS7AI score0.00464EPSS
Exploits0References1
myhack58
myhack58
added 2015/09/01 12:0 a.m.33 views

Android-libcutils library integer overflow leading to heap damage vulnerability discovery and exploit-vulnerability warning-the black bar safety net

Before reading this article, you best understand the Android Binder mechanism, for graphics system BufferQueue principle, the heap Manager jemalloc the basic principles. This article describes how to use the libcutils library stack damage vulnerability get systemserver permissions, this...

1.4AI score
Exploits0
Rows per page
Query Builder