30 matches found
Turning an OBD-II reader into a USB / NFC attack tool
One of my favourite sorts of hardware hacking is making a device do something it was never intended for. It's creative, disruptive, and fun. Everyone has their own way of going about things. Different methodologies, habits, and skill sets mean that approaches will be diverse. This is how I work...
P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A Flexible, Low-Cost Platform For Pentesting, Red Teaming And Physical Engagements
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance". 0. How to install The latest image could be found under release tab. The easiest way to...
Qemu: usb: ehci: memory leakage in ehci_init_transfer
Quick Emulator Qemu built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehciinittransfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...
Qemu: usb: ehci host memory leakage during hotunplug
Memory leak in QEMU aka Quick Emulator, when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the device...
SUSE-SU-2017:1774-1 Security update for qemu
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability
QEMU is an open source emulator software. QEMU supports the 'hw/usb/hcd-xhci.c' security vulnerability in USB EHCI emulation, which allows local attackers to exploit the vulnerability by submitting a specially crafted request that triggers memory corruption and crashes the application...
UBUNTU-CVE-2017-9374
Memory leak in QEMU aka Quick Emulator, when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory consumption by repeatedly hot-unplugging the device...
DEBIAN-CVE-2016-2391
The ohcibusstart function in the USB OHCI emulation support hw/usb/hcd-ohci.c in QEMU allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via vectors related to multiple eoftimers...
SUSE-SU-2016:1560-1 Security update for qemu
qemu was updated to fix 37 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avoi...
UBUNTU-CVE-2016-2198
QEMU aka Quick Emulator built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting ...