4357 matches found
CVE-2017-9984
The sndmsndinterrupt function in sound/isa/msnd/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
CVE-2017-9986
The intr function in sound/oss/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "doub...
CVE-2017-9986
The CVE-2017-9986 issue affects the Linux kernel’s sound/oss/msnd_pinnacle.c: the intr function is vulnerable to a double-fetch scenario when the message queue head pointer is read between two kernel reads, up to kernel versions through 4.11.7. This local condition allows a unprivileged user to c...
CVE-2017-9984
The CVE-2017-9984 issue affects the Linux kernel’s snd_msnd_interrupt path (sound/isa/msnd/msnd_pinnacle.c) and is a local, double-fetch vulnerability that can allow over-boundary access to a message queue head pointer, potentially enabling DoS or other impact. The advisory notes vulnerable until...
CVE-2017-9986
The intr function in sound/oss/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "doub...
CVE-2017-9984
The sndmsndinterrupt function in sound/isa/msnd/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
CVE-2017-9985
The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
UBUNTU-CVE-2017-9984
The sndmsndinterrupt function in sound/isa/msnd/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
UBUNTU-CVE-2017-9985
The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
PT-2017-2425 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.8 Description: The issue is related to the snd msnd interrupt function in the Linux kernel, which allows local users to cause a denial of service or possibly have other unspecified impacts. This is due to a...
PT-2017-2424 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.7 Description: The issue is related to the snd msndmidi input read function in the Linux kernel, specifically in the sound/isa/msnd/msnd midi.c file. It is caused by an out-of-bounds access in memory, which...
Microsoft Edge Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that that do not securely populate the URL with confidential information could...
CVE-2017-8831
The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allows users able to plant rogue PCI device on the system to cause a denial of service out-of-bounds array access or possibly have unspecified other impact by changing a certain sequence-number value, aka a...
CVE-2017-8831
The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service out-of-bounds array access or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch"...
DEBIAN-CVE-2017-8831
The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service out-of-bounds array access or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch"...
CVE-2017-8831
The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service out-of-bounds array access or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch"...
CVE-2017-8831
The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service out-of-bounds array access or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch"...
UBUNTU-CVE-2017-8831
The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service out-of-bounds array access or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch"...
Microsoft Edge Fetch API Arbitrary Header Setting Vulnerability
Exploit for windows platform in category remote exploits ------------------------------------------------------------------------ Microsoft Edge Fetch API allows setting of arbitrary request headers ------------------------------------------------------------------------ Yorick Koster, January 20...
Microsoft Edge Fetch API allows setting of arbitrary request headers (CVE-2017-0140)
Introduction The Fetch API provides an interface for fetching resources including across the network. It will seem familiar to anyone who has used XMLHttpRequest, but the Fetch API provides a more powerful and flexible feature set. Starting in EdgeHTML 14, which ships with Windows 10 Anniversary...