94 matches found
EUVD-2025-13049
Malicious code in bioql PyPI...
CVE-2025-38349
In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutexunlock&ep-mtx; afterwards. That's very wrong, because it can lead to a...
CVE-2025-37760
Technical details about CVE-2025-37760 are not provided in the supplied connected documents. No affected product/version or fix is specified here. Monitor for updates.
Ubuntu: Security Advisory (USN-7455-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6653-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation
Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts the following driver versions - Midgard GPU Kernel Driver: All versions from r12p0 - r32p0 Bifrost GPU...
USN-5757-2: Linux kernel vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...
Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
Summary: Updated Recommendations Section 04/04/2018 Today a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors’...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-4678-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4678-1 advisory. It was discovered that the AMD Running Average Power Limit RAPL driver in the Linux kernel did not properly restrict access to power data. A local attack...
Android Binder Use-After-Free
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Android Binder Use-After-Free Exploit", 'Description' = %q , 'License' = MSFLICENSE, 'Author' = 'Jann Horn', discovery and exploit 'Maddie Stone'...
Ubuntu: Security Advisory (USN-4095-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Kernel 4.10 < 5.1.17 - PTRACE_TRACEME pkexec Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits // Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec // https://github.com/bcoles/kernel-exploits/tree/master/CVE-2019-13272...
Linux Kernel 4.10 5.1.17 - PTRACE_TRACEME pkexec Local Privilege Escalation
Linux Kernel 4.10 5.1.17 - PTRACETRACEME pkexec Local Privilege Escalation // Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec //...
Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation
// Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec // https://github.com/bcoles/kernel-exploits/tree/master/CVE-2019-13272 // --- // Tested on: // - Ubuntu 16.04.5 kernel...
Ubuntu 14.04 LTS : libseccomp vulnerability (USN-4001-2)
USN-4001-1 fixed a vulnerability in libseccomp. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details : Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker...
USN-4001-1: libseccomp vulnerability
Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system calls...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : snapd vulnerability (USN-3917-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3917-1 advisory. The snapd default seccomp filter for strict mode snaps blocks the use of the ioctl system call when used with TIOCSTI as the second argume...
USN-3908-2: Linux kernel (Trusty HWE) vulnerability
USN-3908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered a race condition in the fork system call in the Linux kernel. A...
USN-3908-1: Linux kernel vulnerability
Jann Horn discovered a race condition in the fork system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations...