101 matches found
Important: kernel
Issue Overview: Race condition in rawsendmsg function allows denial-of-service or kernel addresses leak A flaw was found in the Linux kernel's implementation of rawsendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of...
Android NVIDIA Thermal Driver Information Disclosure Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which NVIDIA Thermal driver is a temperature control component. An information disclosure vulnerability exists in the NVIDIA Thermal driver in Android, which stems from a lack ...
CVE-2016-5328
VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection SIP is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...
CVE-2016-5329
VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection SIP is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...
VMware Tools Local Information Disclosure Vulnerability
VMware Tools is a set of enhancements that come with VMware's VMWare virtual machines. It is a set of drivers provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of the virtual machines with those of the host computer. A...
VMware Fusion Local Information Disclosure Vulnerability
VMware Fusion allows Windows applications to run seamlessly on Intel-based Mac machines. A local information disclosure vulnerability exists in VMware Fusion. Since System Integrity Protection SIP is enabled by default on Mac OS X, a local attacker can exploit the vulnerability to obtain kernel...
Multiple vulnerabilities in the Kaspersky Total Security antivirus protection system allow attackers to obtain confidential information.
The multiple vulnerabilities of the KLDISK driver in the Kaspersky Total Security antivirus protection software are related to the lack of protection for operational data. Exploiting these vulnerabilities could allow an intruder, operating locally, to gain access to confidential information—such ...
UBUNTU-CVE-2014-9878
drivers/mmc/card/mmcblocktest.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479...
APPLE-SA-2015-03-09-3 Security Update 2015-002
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-09-3 Security Update 2015-002 Security Update 2015-002 is now available and addresses the following: iCloud Keychain Available for: OS X Yosemite v10.10.2 Impact: An attacker with a privileged network position may be able to execute...
Microsoft windows kernel mode driver kernel information disclosure vulnerability (CNVD-2015-01618)
Microsoft Windows is a popular operating system. A security vulnerability exists in the Microsoft Windows kernel mode driver that allows an attacker to exploit the vulnerability to obtain kernel-sensitive address information, which can be used to conduct further attacks on the system...
Apple Patches Thunderstrike Bug in OSX, Fixes More Than 30 Flaws in iOS
Apple has released major security updates for both OS X and iOS that includes patches for a number of bugs that could lead to arbitrary code execution. The release of iOS 8.1.3 fixes a vulnerability that allowed an attacker to bypass the sandbox restrictions in Safari and the OS X update fixes a...
CVE-2014-4064
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly handle use of the paged kernel pool for allocation of uninitialized memory, which allows...
Linux Kernel (Ubuntu 11.1012.04) - binfmt_script Stack Data Disclosure
Linux Kernel Ubuntu 11.1012.04 - binfmtscript Stack Data Disclosure Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stac...
Ubuntu: Security Advisory (USN-1159-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Memory corruption
kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service system crash via IOCTL requests using crafted kernel addresses that trigger memory corruption,...
CVE-2009-4114
kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service system crash via IOCTL requests using crafted kernel addresses that trigger memory corruption,...
Memory corruption
aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs 1 0xb2d6000c and 2 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerabilit...
[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation
Wintercore Advisory Realtek HD Audio Codec Drivers Vista - Local Privilege Escalation :: Non-Technical Description Realtek HD Audio Codec Drivers are prone to a local privilege escalation due to insufficient validation of user-mode buffers. Successful exploitation grants SYSTEM privileges to...
CVE-2007-5762
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...
CVE-2007-5762
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...