5907 matches found
CVE-2015-4036
Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function w...
CVE-2015-5697
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call...
Design/Logic Flaw
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call...
CVE-2015-5697
CVE-2015-5697 (Linux kernel) : The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a bitmap data structure, allowing local attackers to read sensitive kernel memory via the GET_BITMAP_FILE ioctl. This is a local information disclosure vulnerability...
CVE-2015-6252
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation...
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
/ Exploit Title: Windows 2k3 SP2 TCP/IP IOCTL Privilege Escalation MS14-070 Date: 2015-08-10 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows 2003 SP2 x86 Tested on: Windows 2003 SP2 x...
Null pointer dereference
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call...
DEBIAN-CVE-2015-4692
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call...
CVE-2015-4692
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call...
CVE-2015-4692
CVE-2015-4692 affects the Linux kernel’s KVM code: in arch/x86/kvm/lapic.h, the kvm_apic_has_events() function may dereference a NULL pointer via an ioctl to /dev/kvm, enabling a local attacker to cause a denial of service (system crash). The description indicates the issue exists through kernel ...
AVG Internet Security 2013.x < 2013.3495 / 2015.x < 2015.5557 Local Privilege Escalation
The remote Windows host has a version of AVG Internet Security installed that is 2013.x prior to 2013.3495 or 2015.x prior to 2015.5557. It is, therefore, affected by a local privilege escalation vulnerability due to a flaw in the TDI driver avgtdix.sys that occurs when handling 0x830020f8 IOCTL...
openSUSE Security Update : fuse (openSUSE-2015-401)
Update to version 2.9.4 - fix exec environment for mount and umount (bsc#931452, CVE-2015-3202) - properly restore the default signal handler - fix directory file handle passed to ioctl method. - fix for uids/gids larger than 2147483647 - initialize stat buffer passed to getattr and fgetattr...
Linux Kernel (PonyOS 3.0) - TTY ioctl() Local Privilege Escalation
Linux Kernel PonyOS 3.0 - TTY ioctl Local Privilege Escalation / Exploit Title: PonyOS include include int main struct winsize ws; printf"+ PonyOS = 3.0 ioctl local root exploit\n"; memcpy&ws,"\x90\x90\x90\x90\x8b\x45\x08\x89",8; ioctl0, TIOCSWINSZ, &ws; ioctl0, TIOCGWINSZ, void 0x0010f101;...
PonyOS 3.0 tty ioctl() Privilege Escalation
Exploit Title: PonyOS include include int main struct winsize ws; printf"+ PonyOS = 3.0 ioctl local root exploit\n"; memcpy&ws,"\x90\x90\x90\x90\x8b\x45\x08\x89",8; ioctl0, TIOCSWINSZ, &ws; ioctl0, TIOCGWINSZ, void 0x0010f101; printf"- patched syssetuid\n"; asm"movl $0x18,%eax"; asm"xorl...
Linux Kernel (PonyOS 3.0) - TTY 'ioctl()' Local Privilege Escalation
/ Exploit Title: PonyOS include include int main struct winsize ws; printf"+ PonyOS = 3.0 ioctl local root exploit\n"; memcpy&ws,"\x90\x90\x90\x90\x8b\x45\x08\x89",8; ioctl0, TIOCSWINSZ, &ws; ioctl0, TIOCGWINSZ, void 0x0010f101; printf"- patched syssetuid\n"; asm"movl $0x18,%eax"; asm"xorl...