Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2026-40369: Defensive Analysis of the 12-Byte Windows Kern...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000939 advisory. The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003752 advisory. The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, i...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002116)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002116 advisory. The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003515 advisory. In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showflopp...

Linux Distros Unpatched Vulnerability : CVE-2017-11472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The acpinsterminate function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump,...

Linux Distros Unpatched Vulnerability : CVE-2017-1000410

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse...

DEBIAN-CVE-2024-45014

In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible physmeminfo segment corruption When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR...

UBUNTU-CVE-2024-45014

In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible physmeminfo segment corruption When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR...

CVE-2022-25477

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR...

CVE-2023-40082

In modifyfornextstage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

PT-2022-6067

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation KPTI. This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timi...

OpenRazer 缓冲区错误漏洞

OpenRazer is an open source driver and userspace daemon. It is used to control Razer lighting and other features on GNU/Linux. A buffer error vulnerability exists in OpenRazer versions prior to v3.5.1, which can be exploited by an attacker to disclose the stack address of razerattrreaddpistages,...

DEBIAN-CVE-2018-7755

An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discove...

PT-2018-3026 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.15.8 Description: The issue is related to the fd locked ioctl function in the Linux kernel, specifically in the floppy driver. It allows an attacker to obtain a kernel pointer by sending the FDGETPRM ioctl,...

DEBIAN-CVE-2018-7273

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function showfloppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

DEBIAN-CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

UBUNTU-CVE-2017-14954

The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call...

UBUNTU-CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...