5 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-3996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some...
ALPINE-CVE-2022-3996
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems most widely: Windows this results in a denial of service when the affected process hangs. Policy processing being enabled o...
OSV-2022-185 Heap-use-after-free in Segment::write
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44951 Crash type: Heap-use-after-free READ 1 Crash state: Segment::write Doublewrite::writepages Doublewrite::flushtodisk...
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) Double-Write Ring-0
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456 We have discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a race-condition in the implementation of the NtQueryVirtualMemory...
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) Double-Write Ring-0 Address Leak
Microsoft Windows Kernel - NtQueryVirtualMemoryMemoryMappedFilenameInformation Double-Write Ring-0 Address Leak / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456 We have discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a...