479 matches found
The vulnerability of the QEMU hardware emulation software, which allows a hacker to read memory on the host machine
The vulnerability of the megasasdcmdcfgread function in the hw/scsi/megasas.c file of the hardware emulation software QEMU is related to the creation of a host adapter for the MegaRAID SAS 8708EM2 device. Exploiting this vulnerability allows an attacker to read memory from the host device by usin...
CVE-2016-5105
The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...
CVE-2016-5106
The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...
UBUNTU-CVE-2016-5105
The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...
UBUNTU-CVE-2016-5106
The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...
CVE-2016-5105
The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...
The vulnerability of the Mac OS X operating system, which allows a hacker to increase their privileges
The vulnerability of the kernel loader in the EFI component of the Mac OS X operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created path name...
grub2: modules built in on EFI builds that allow loading arbitrary code, circumventing secure boot
It was discovered that grub2 builds for EFI systems contained modules that were not suitable to be loaded in a Secure Boot environment. An attacker could use this flaw to circumvent the Secure Boot mechanisms and load non-verified code. Attacks could use the boot menu if no password was set, or t...
The vulnerability of the Mac OS X operating system, which allows a hacker to trigger a service failure
The vulnerability of the EFI component in the Mac OS X operating system is related to errors in specifying the range of protected registers. Exploiting this vulnerability can allow a malicious actor to trigger a service failure through a specially crafted application...
PT-2015-7636
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description The issue allows local users to bypass intended securelevel/secureboot restrictions. This is achieved by leveraging improper handling of the secure boot flag across kexec reboot when...
kernel: execution in the early microcode loader
A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel ring0 level, bypassing intended restrictions in place...
Multiple Dell devices vulnerable
Dell Latitude, etc. are the products of the United States Dell Dell company.Dell Latitude and OptiPlex are notebook product models; Precision Mobile Workstation is a precision mobile workstation; Precision Workstation CS is a set of mobile workstation Client; BIOS Basic Input-Output System is a s...
IBM Unified Extensible Firmware Interface Denial of Service Vulnerability
The IBM Unified Extensible Firmware Interface is a standard detailing type interfaces for operating systems to automatically load from a pre-booted operating environment, to an operating system that simplifies the boot process and saves time. A security vulnerability exists in IBM Unified...
Apple Mac computer firmware 0day EFI rootkit vulnerability
MAC is apple's self-developed operating system, now commonly used operating systems are windows, linux, mac. MacBook Pro Retina, MacBook Pro and MacBook Air computers may have a security vulnerability in the EFI firmware update, the attacker does not need to physically touch the target machine, c...
Multiple Product UEFI System Local Security Bypass Vulnerabilities
UEFI is a standard that details a type of interface. This interface is used to automatically load the operating system from a pre-booted operating environment onto an operating system. A local security bypass vulnerability exists in multiple product UEFI systems where a boot script is used to...
Kali Linux 1.0.8 — New Release Supports UEFI Boot
Great news for Hackers and Backtrack Linux fans! Offensive Security, the developers of one of the most advance open source operating system for penetration testing known as 'KALI Linux', has finally announced the release of the latest version i.e. Kali Linux 1.0.8. Kali Linux is based upon Debian...
kernel: validate size of EFI GUID partition entries
The isgptvalid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface EFI GUID Partition Table GPT entry, which allows physically proximate attackers to cause a denial of service heap-based buffer overflow and OOPS or obtain...
kernel: validate size of EFI GUID partition entries
The isgptvalid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface EFI GUID Partition Table GPT entry, which allows physically proximate attackers to cause a denial of service heap-based buffer overflow and OOPS or obtain...
kernel: validate size of EFI GUID partition entries
The isgptvalid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface EFI GUID Partition Table GPT entry, which allows physically proximate attackers to cause a denial of service heap-based buffer overflow and OOPS or obtain...