90 matches found
CVE-2023-21102
In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
CVE-2023-21102
In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
CVE-2023-21102
CVE-2023-21102 is a local EoP vulnerability in the Android kernel related to a bypass of shadow stack protection in __efi_rt_asm_wrapper of efi-rt-wrapper.S. The issue enables local privilege escalation without user interaction, as documented in upstream kernel and Android May 2023 bulletin entri...
CVE-2023-21102
In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
UBUNTU-CVE-2023-21102
In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
ASB-A-260821414
In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
GSD-2023-1000679 RISC-V: Align the shadow stack
RISC-V: Align the shadow stack This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit 7a270e44c9a9bd046742451e89a2abd93d96a79b, it wa...
PT-2023-1000 · Google +7 · Android Kernel +7
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Android kernel affected versions not specified Description: The issue is related to a logic error in the code of efi rt asm wrapper in efi-rt-wrapper.S, which could lead to a bypass of shadow stack...
PT-2024-11864 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition that occurs when detecting vmap stack overflow in the Linux kernel for riscv. Specifically, when two or more harts use the same shadow stack at...
Intel Adds Anti-Malware Protection in Tiger Lake CPUs
Intel’s upcoming class of mobile CPUs, code named “Tiger Lake,” will feature a long anticipated security layer, called Control-flow Enforcement Technology CET, which aims to protect against common malware attacks. CET protects against attacks on processors’ control flow, which refers to the order...