4243 matches found

Positive Technologies
added 2017/04/12 12:0 a.m. · 4 views

PT-2017-2348 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.3

Description: The issue is related to the mm subsystem in the Linux kernel, which does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism. This allows local users to read or write to kernel...

CVSS 10 · AI score 7 · EPSS 0.89595
Exploits 76 · References 503
NVD
added 2017/04/10 3:59 a.m. · 14 views

CVE-2015-7292

Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv...

CVSS 10 · AI score 10 · EPSS 0.00411
Exploits 0 · References 1
exploitpack
added 2017/04/04 12:0 a.m. · 11 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device

Apple macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1129 fseventsf_ioctl handles ioctls on fsevent fds acquired via FSEVENTS_CLONE_64 on /dev/fsevents. Here's the code for the FSEVENTS_DEVICE_FILTER_64...

Exploits 0
hackapp
added 2017/04/02 9:9 a.m. · 10 views

Mapbox Dev Preview - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Mapbox Dev Preview published at the 'play' market has multiple vulnerabilities...

AI score 0.5
Exploits 0 · References 1 · Affected Software 1
RedhatCVE
added 2017/03/31 7:48 a.m. · 28 views

CVE-2017-7346

In the Linux kernel's vmw_gb_surface_define_ioctl function, in the 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' file, 'req->mip_levels' is a user-controlled value which is later used as a loop count limit. This allows a local unprivileged user to cause a denial of service by a kernel lockup via a crafted ioctl...

CVSS 5.5 · AI score 4.1 · EPSS 0.00102
Exploits 0 · References 1
Prion
added 2017/03/30 11:59 p.m. · 26 views

Design/Logic Flaw

The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device...

CVSS 4.9 · AI score 4.9 · EPSS 0.00102
Exploits 0 · References 6 · Affected Software 1
Prion
added 2017/03/29 2:59 a.m. · 21 views

Integer overflow

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or...

CVSS 7.2 · AI score 7.4 · EPSS 0.00036
Exploits 0 · References 5 · Affected Software 1
Packet Storm
added 2017/03/29 12:0 a.m. · 38 views

Linux 3.16.0-28 Integer Overflow

Title: Linux kernel 3.16.0-28 - Integer overflow
Credits / Discovery: Nassim Asrir
Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/
Author Company: Henceforth
CVE: CVE-2017-7286
Vendor: https://www.kernel.org/
Vulnerability Type:...

AI score 0.3
Exploits 1
UbuntuCve
added 2017/03/28 12:0 a.m. · 35 views

CVE-2017-7294

The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or...

CVSS 7.8 · AI score 6.8 · EPSS 0.00036
Exploits 0 · References 12
NVD
added 2017/03/27 5:59 p.m. · 16 views

CVE-2017-6462

Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...

CVSS 7.8 · AI score 6.7 · EPSS 0.00119
Exploits 0 · References 10
Debian CVE
added 2017/03/27 5:0 p.m. · 28 views

CVE-2017-6462

Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...

CVSS 7.8 · AI score 8.1 · EPSS 0.00119
Exploits 0
Virtuozzo
added 2017/03/27 12:0 a.m. · 9 views

Product update: Virtuozzo 7.0 Update 3 Hotfix 3 (7.0.3-641)

The new packages for Virtuozzo 7.0.3 introduce usability fixes and compatibility with Packet.
Vulnerability id: PSBM-62644 Route of container with a host-routed interface was not cleared on source host after migration.
Vulnerability id: PSBM-59017 Allowed access to '/dev/kmsg' inside containers...

AI score 4.6
Exploits 0
OSV
added 2017/03/27 12:0 a.m. · 0 views

UBUNTU-CVE-2017-6462

Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...

CVSS 7.8 · AI score 7 · EPSS 0.00119
Exploits 0 · References 4
RedhatCVE
added 2017/03/22 2:18 a.m. · 16 views

CVE-2017-6462

A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash.

Mitigation: Properly monitor your ntpd instances, and auto-restart ntpd without -g if it stops running...

CVSS 7.8 · AI score 3.1 · EPSS 0.00119
Exploits 0 · References 1
n0where
added 2017/03/03 6:14 a.m. · 15 views

Open Source SIP Sniffer: pcapsipdump

pcapsipdump is a libpcap-based SIP sniffer with per-call sorting capabilities. It writes SIP/RTP sessions to disk in the same format as “tcpdump -w”, but one file per SIP session, even if there are thousands of concurrent SIP sessions. Each session goes in a separate, fancy-nam...

AI score 0.1
Exploits 0
Veracode
added 2017/02/22 5:22 a.m. · 11 views

Arbitrary File Read And Denial Of Service (DoS)

fury-adapter-swagger is vulnerable to arbitrary file reads off the file system and denial of service (DoS) attacks. This could be used to retrieve sensitive data, or fill the entire available memory and cause a denial of service by reading /dev/zero...

AI score 6.8
Exploits 0
Debian CVE
added 2017/02/06 6:4 a.m. · 37 views

CVE-2016-10150

Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device...

CVSS 10 · AI score 6.5 · EPSS 0.02696
Exploits 0
Gentoo Linux
added 2017/01/23 12:0 a.m. · 67 views

Lua: Buffer overflow

Background: Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description.

Description: A buffer overflow was discovered in the vararg functions in ldo....

CVSS 5 · AI score 9.5 · EPSS 0.10626
Exploits 1
OSV
added 2017/01/18 9:59 p.m. · 33 views

CVE-2016-6897

Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer...

CVSS 6.5 · AI score 7.2
Exploits 0 · References 7
OSV
added 2017/01/18 9:59 p.m. · 6 views

DEBIAN-CVE-2016-6897

Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer...

CVSS 6.5 · AI score 6.7 · EPSS 0.30259
Exploits 5 · References 1