110 matches found
UBUNTU-CVE-2018-17182
An issue was discovered in the Linux kernel through 4.18.8. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain thread creation, map, unmap, invalidation, and dereference operations...
PT-2018-1587 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.18.9 Description: An issue in the Linux kernel allows an attacker to trigger a use-after-free via certain thread creation, map, unmap, invalidation, and dereference operations, potentially gaining privileges...
Writing a libemu/Unicorn Compatability Layer
In this post we are going to take a quick look at what it takes to write a libemu compatibility layer for the Unicorn engine. In the course of this work, we will also import the libemu Win32 environment to run under Unicorn. For a bit of background, libemu is a lightweight x86 emulator written in...
Microsoft Windows XP SP3内核创建线程本地权限提升漏洞(MS10-047)
BUGTRAQ ID: 42211 CVE ID: CVE-2010-1888 Microsoft Windows是微软发布的非常流行的操作系统。 Windows内核在创建特定类型的线程时存在竞争条件错误,本地用户可以通过运行恶意应用程序获得内核级权限提升。成功利用这个漏洞的攻击者可以执行任意内核态代码。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP3 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS10-047)以及相应补丁:...
Race condition
Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."...
CVE-2010-1888
Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."...
kernel: execve: must clear current->clear_child_tid
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clearchildtid pointer, which allows local users to cause a denial of service memory corruption or possibly gain privileges via a clone system call with CLONECHILDSETTID or...
CVE-2009-2848
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clearchildtid pointer, which allows local users to cause a denial of service memory corruption or possibly gain privileges via a clone system call with CLONECHILDSETTID or...
CVE-2009-2848
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clearchildtid pointer, which allows local users to cause a denial of service memory corruption or possibly gain privileges via a clone system call with CLONECHILDSETTID or...
Low: Red Hat Security Advisory: glibc security update
Updated glibc packages that address several bugs and implement some enhancements are now available. The GNU libc packages known as glibc contain the standard C libraries used by applications. This errata fixes several bugs in the GNU C Library. Fixes include in addition to enclosed Bugzilla...