Linux Distros Unpatched Vulnerability : CVE-2023-21122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In various functions of various files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check...

CVE-2023-21122

In various functions of various files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache

Tested on macOS Mojave 10.14.6, 18G87 and Catalina Beta 10.15 Beta 19A536g. On macOS, the dyld shared cache in /private/var/db/dyld/ is generated locally on the system and therefore doesn't have a real code signature; instead, SIP seems to be the only mechanism that prevents modifications of the...

Apple iOS kernel security bypass vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices. kernel is one of the kernel components. A security vulnerability exists in the kernel of Apple iOS versions prior to 8.4.1, which stems from a failure of the program to properly restrict debugging functionality. An...

Google Chrome Access Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. The use of the DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debuggerapi.cc in versions of Google Chrome prior to 41.0.2272.76 fails to properly restrict the debugging targets that can be used as the URLs,...