Integer overflow

Integer signedness error in the genkbdcommonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service memory overwrite and kernel crash, or ga...

Design/Logic Flaw

The procconnectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFSCONNECTINFO ioctl call...

Design/Logic Flaw

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

CVE-2016-4482

The procconnectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFSCONNECTINFO ioctl call...

CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

PT-2016-5973 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.7 Description: The issue concerns the proc connectinfo function in the Linux kernel, which fails to initialize a certain data structure. This allows local users to obtain sensitive information from kernel stac...

UBUNTU-CVE-2016-3713

The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...

CVE-2016-3713

The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...

Authorization

The WLAN aka Wi-Fi driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related ...

CVE-2015-0571

The WLAN aka Wi-Fi driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related ...

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write

Exploit for windows platform in category dos / poc / Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers,...

CVE-2016-2059

The msmipcrouterbindcontrolport function in net/ipcrouter/ipcroutercore.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows...

Race condition

The msmipcrouterbindcontrolport function in net/ipcrouter/ipcroutercore.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows...

Integer overflow

The adrenoperfcounterquerygroup function in drivers/gpu/msm/adrenoperfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to...

CVE-2016-2062

The CVE-2016-2062 issue affects the Adreno GPU driver for the Linux kernel (3.x) as used in Qualcomm QuIC MSM Android contributions. The root cause is an incorrect integer data type in adreno_perfcounter_query_group within drivers/gpu/msm/adreno_perfcounter.c, which can lead to a denial of servic...

DEBIAN-CVE-2016-2548

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...

DEBIAN-CVE-2016-2549

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service deadlock via a crafted ioctl call...

CVE-2016-2548

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...

CVE-2016-2547

sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...

DEBIAN-CVE-2016-2547

sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...