PT-2023-21458 · Apple · Studio Display Firmware +1

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.3 Studio Display Firmware versions prior to 16.4 Description: A memory corruption issue was addressed with improved state management, allowing an app to potentially execute arbitrary code with kernel privileges...

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.

...

PT-2023-2814 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel's ksmbd affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the Linux kernel's ksmbd module, a high-performance in-kernel SMB server. The specific flaw...

PT-2023-2821 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2 LOGOFF and SMB2 CLOSE commands. The issue...

CVE-2023-2007

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the...

Design/Logic Flaw

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the...

DEBIAN-CVE-2023-2006

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context ...

Linux kernel竞争条件问题漏洞

Linux Kernel is an open source operating system. A contention condition vulnerability exists in Linux Kernel RxRPC processing, which can be exploited by a local attacker to submit a special request that can kernel contextually execute arbitrary code and elevate privileges...

DPT I2O Controller driver 安全漏洞

The DPT I2O Controller driver is a driver for the US Debian community to manage some I2O-compliant RAID controllers. A security vulnerability exists in the DPT I2O Controller driver that stems from a lack of proper locking when performing operations on objects. An attacker could use this...

SUSE CVE-2023-2008

A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to...

AZL-26280 CVE-2023-2008 affecting package kernel for versions less than 5.15.111.1-1

A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to...

UBUNTU-CVE-2023-2008

A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to...

Linux kernel 输入验证错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of proper validation of user-supplied data, which could result in memory access beyond the end of an...

Microsoft Windows Bluetooth BNEP Protocol Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of...

PT-2023-2614

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 15.7.5 and 16.4.1 Apple iPadOS versions prior to 15.7.5 and 16.4.1 Apple macOS versions prior to 11.7.6, 12.6.5, and 13.3.1 Description An out-of-bounds write issue was addressed with improved input validation,...

VulnCheck KEV: CVE-2021-30900

Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges...

CVE-2023-23507

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges...

Apple macOS 资源管理错误漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS prior to Ventura 13, which stems from a memory reuse after release issue. An attacker could exploit this vulnerability to cause the system to terminate...

SUSE CVE-2006-6385

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers aka NDIS miniport drivers before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers...

SUSE CVE-2016-8399

An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler...