33 matches found
Wasmtime 安全漏洞
Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. A security vulnerability in Wasmtime's code generator, Cranelift, originating in the AArch64-based platform, whose conversion rules for constants do not take into account whether sign or...
Scemu - X86 32bits Emulator, For Securely Emulating Shellcodes
x86 32bits emulator, for securely emulating shellcodes. Features rust safety, good for malware. All dependencies are in rust. zero unsafe blocks. very fast emulation much faster than unicorn 3,000,000 instructions/second 100,000 instructions/second printing every instruction -vv. powered by...
hw: Special Register Buffer Data Sampling (SRBDS)
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this fl...
Denial Of Service (DoS)
Kernel is vulnerable to denial of service DoS. The Radeon GPU drivers in the Linux kernel were missing sanity checks for the Anti Aliasing AA resolve register values which could allow a local, unprivileged user to cause a denial of service or escalate their privileges on systems using a graphics...
DEBIAN-CVE-2019-19039
btrfsfreeextent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfsprintleaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as no...
UBUNTU-CVE-2019-19039
btrfsfreeextent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfsprintleaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as no...
Linux kernel information disclosure vulnerability (CNVD-2019-42534)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An information disclosure vulnerability exists in Linux kernel 5.3.12 and earlier versions. The vulnerability stems...
PT-2019-4253 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.12 Description: The issue in the Linux kernel's btrfs free extent function allows local users to obtain potentially sensitive information about register values via the dmesg program in a certain ENOENT case...
kernel security and bug fix update
3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...
kernel: s390 task_show_regs infoleak
The taskshowregs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/...
CVE-2009-2910
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x8664 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode...
CVE-2009-2910
CVE-2009-2910 affects the Linux kernel’s ia32 entry path on x86_64. The issue is that arch/x86/ia32/ia32entry.S does not clear certain kernel registers before returning to user mode, which allows a local attacker to read register values from an earlier process after switching an ia32 process into...
CVE-2007-1321
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier wa...