Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation

/ CVE-2021-22555: Turning \x00\x00 into 10000$ by Andy Nguyen theflow@ theflow@theflow:$ gcc -m32 -static -o exploit exploit.c theflow@theflow:$ ./exploit + Linux Privilege Escalation by theflow@ - 2021 + STAGE 0: Initialization Setting up namespace sandbox... Initializing sockets and message...

Intel Core Processors 输入验证错误漏洞

Intel Core Processors is an Intel Core family of central processing units CPUs from Intel Corporation. A security vulnerability exists in Intel Core Processors, which stems from a Pointer Validation Insufficiency vulnerability in AMD Graphics Driver for Windows 10, which could lead to the executi...

DEBIAN-CVE-2021-20292

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveausgdma.c in nouveausgdmacreatettm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with ...

DEBIAN-CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

The vulnerability of Linux operating system’s kernel-based PI futex components, which allows a hacker to execute arbitrary code at the kernel level

The vulnerability of Linux operating system’s kernel PI futexes relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code at the kernel level...

UBUNTU-CVE-2019-25044

The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue...

PT-2021-4226 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux Kernel version 5.11.15 Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit th...

Corel Parallels Desktop 输入验证错误漏洞

Parallels Desktop is a virtual machine software that runs on Mac computers. A security vulnerability exists in the Parallels Tools component of Parallels Desktop version 16.1.2-49151. The vulnerability stems from a lack of proper validation of user-supplied data. An attacker can exploit the...

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

...

AZL-6544 CVE-2021-29154 affecting package kernel for versions less than 5.10.78.1-1

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c...

PT-2021-2653 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.11.12 Description: The issue is related to incorrect computation of branch displacements in BPF JIT compilers, allowing them to execute arbitrary code within the kernel context. This affects files...

CVE-2020-27907

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4878-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4878-1 advisory. It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad- hoc SSIDs. A local attacker could...

Vulnerabilities fixed in Apple macOS

Vulnerabilities have been fixed in Apple macOS. The vulnerabilities allow a local malicious person to obtain elevated privileges to obtain or execute arbitrary code with kernel privileges. The vulnerability with attribute CVE-2021-3156 is known as the sudo vulnerability named "Baron Samedit." Mor...

UBUNTU-CVE-2021-3347

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458...

Linux kernel 资源管理错误漏洞

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A kernel stack reuse after release vulnerability exists in PI futex in Linux kernel 5.10.11 and earlier versions duri...

CVE-2019-8852

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges...

CVE-2019-8718

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with kernel privileges...

Trend Micro Antivirus for Mac Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-9899

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges...