NetComm Wireless 4GT101W Router Cross-Site Scripting Vulnerability

NetComm Wireless 4GT101W routers is a wireless router product from NetComm Wireless Australia. A cross-site scripting vulnerability exists in NetComm Wireless 4GT101W routers running hardware version 0.01/software version V1.1.8.8/bootloader version 1.1.3. A remote attacker can exploit this...

CVE-2017-1000363

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parportptr integer is static, a 'secure boot' kernel command line adversary can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partia...

Integer overflow

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parportptr integer is static, a 'secure boot' kernel command line adversary can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partia...

CVE-2017-1000363

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parportptr integer is static, a 'secure boot' kernel command line adversary can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partia...

[slackware-security] Slackware 14.0 kernel

New kernel packages are available for Slackware 14.0 to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/linux-3.2.90/: Upgraded. This kernel fixes security issues including "Stack Clash". The issues may result in denial-of-service conditions or may...

[slackware-security] kernel

New kernel packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.75/: Upgraded. This kernel fixes security issues that include possible stack exhaustion, memory corruption, and arbitrary co...

EternalPetya – yet another stolen piece in the package?

Since June 27th we have been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradicting theories started popping up. Some believed that this malware is a rip-off of the original Petya, while others think that it is...

CVE-2016-10277 in MOTO X Mobile phone on the exploit practice-vulnerability warning-the black bar safety net

CVE-2016-10277 is present in the Motorola series phones bootloader high-risk vulnerabilities, you can by kernel command injection hijacking the phone startup process, loads the attacker's control of the initramfs, so as to achieve the root mention the right purpose. Our hands on just to have a...

GNU GRUB Denial of Service Vulnerability

GNU GRand Unified Bootloader GRUB is a multiple bootloader. A denial of service vulnerability exists in GNU GRUB. An attacker could exploit the vulnerability to crash the affected application, resulting in a denial of service condition...

Motorola G4 & G5 mobile phone was traced to the presence of high-risk kernel command line injection vulnerability-vulnerability warning-the black bar safety net

In a previous article about the Nexus6 root vulnerability in the article, we had mentioned Vulnerability CVE-2016-10277 will likely affect the Motorola device. When we on Twitter by some of the relevant reports after the fact to prove our previous conjecture. In order to prove that Motorola devic...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the initial loader of the HTC Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the loader context, thereby executing a local malware application remotely. This issue ...

CVE-2014-9942

CVE-2014-9942 affects the boot path in all Android releases from CAF that use the Linux kernel. The root cause is a Use of Uninitialized Variable in the boot code, which could lead to memory corruption or unpredictable behavior. The NVD CVSSv3 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) yields a...

How to pass kernel command injection bypass Nexus 6 safe start mode-bug warning-the black bar safety net

In 2017 5 on the Android security announcements, Google released a security patch that fixes the Nexus 6 bootloader in the discovery of a serious Vulnerability, CVE-2016-10277 in. Exploit this vulnerability, a physical attacker or a already have the bootloader locked down the target device...

initroot: Bypassing Nexus 6 Secure Boot through Kernel Command-line Injection

In the May 2017 Android Security Bulletin, Google released a patch to a critical and unique vulnerability CVE-2016-10277 in the Nexus 6 bootloader we had found and responsibly disclosed. By exploiting the vulnerability, a physical adversary or one with authorized-ADB/fastboot USB access to the...

The vulnerability of the initial loader for Motorola’s Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the initial loader of the Motorola Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2017-1000363

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parportptr integer is static, a 'secure boot' kernel command line adversary can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partia...

PT-2017-3048 · Linux +3 · Linux +3

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is caused by a missing bounds check in the Linux kernel, specifically in the drivers/char/lp.c file. This allows an adversary with partial control over the kernel command line,...

CVE-2017-0623

An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18...

CVE-2016-10276

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2016-10277

An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...