5907 matches found
CVE-2016-3713
The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...
CVE-2014-9904
The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact...
Design/Logic Flaw
The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...
Integer overflow
The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact...
kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...
CVE-2016-3713
CVE-2016-3713 affects the Linux kernel up to version 4.6.0 (fixed in 4.6.1). The vulnerability lies in msr_mtrr_valid() in arch/x86/kvm/mtrr.c, which incorrectly supports MSR 0x2f8 and allows a guest OS user to read or write the kvm_arch_vcpu data structure. Impact includes potential information ...
CVE-2016-3713
The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...
CVE-2016-3713
The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...
CVE-2016-5829
Multiple heap-based buffer overflows in the hiddevioctlusage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted 1 HIDIOCGUSAGES or 2 HIDIOCSUSAGES ioctl call...
CVE-2014-9904
The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact...
UBUNTU-CVE-2016-5728
Race condition in the vopioctl function in drivers/misc/mic/vop/vopvringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service memory corruption and system crash by changing a certain header, ak...
Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...
CVE-2016-2066
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service memory corruption via a crafted application that...
UBUNTU-CVE-2016-2066
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service memory corruption via a crafted application that...
CVE-2016-2066
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service memory corruption via a crafted application that...
Integer overflow
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service memory corruption via a crafted application that...
CVE-2016-5126
Heap-based buffer overflow in the iscsiaioioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service QEMU process crash or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call...
CVE-2016-5126
Heap-based buffer overflow in the iscsiaioioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service QEMU process crash or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call...
UBUNTU-CVE-2016-5126
Heap-based buffer overflow in the iscsiaioioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service QEMU process crash or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call...
FreeBSD Kernel (FreeBSD 10.2 10.3 x64) - SETFKEY (PoC)
FreeBSD Kernel FreeBSD 10.2 10.3 x64 - SETFKEY PoC include include include include include include include include include include include include int kprintfconst char fmt, ...; char ostype; uint64t originalRip; uint64t originalRbp; void resolvechar name struct kldsymlookup ksym; ksym.version =...