FreeBSD-SA-20:28.bhyve_vmcs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:28.bhyvevmcs Security Advisory The FreeBSD Project Topic: bhyve privilege escalation via VMCS access Category: core Module: bhyve Announced: 2020-09-15...

Attacking the Qualcomm Adreno GPU

Posted by Ben Hawkes, Project Zero When writing an Android exploit, breaking out of the application sandbox is often a key step. There are a wide range of remote attacks that give you code execution with the privileges of an application like the browser or a messaging application, but a sandbox...

CVE-2020-17396

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17398

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17393

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

Parallels Desktop Integer Overflow Elevation of Privilege Vulnerability

Parallels Desktop is a virtual machine software that runs on Mac computers. An integer overflow elevation of privilege vulnerability exists in the prlhypervisor module in versions prior to Parallels Desktop 16.0.0 48916. The vulnerability stems from a lack of proper validation of user-supplied...

USN-4425-1 linux, linux-aws, linux-azure, linux-azure-5.4, linux-gcp, linux-hwe-5.4, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4, linux-riscv vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...

PT-2020-6648

Name of the Vulnerable Software and Affected Versions ASRock RGB Driver versions with AsrDrv103.sys affected versions not specified Description The issue is related to the AsrDrv103.sys driver in the ASRock RGB Driver, which does not properly restrict access from user space. This can be...

CVE-2020-9795

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to execute arbitrary code with kernel privileges...

Apple macOS Catalina Wi-Fi component memory corruption vulnerability (CNVD-2020-32217)

Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers.Wi-Fi is one of the wireless Internet components. A memory corruption vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5, which can be exploited by an attack...

Unspecified Vulnerability in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility

AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility is a hardware diagnostics and overclocking utility from AMD. A security vulnerability in the atillk64.sys file in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility version 5.11.9.0, which originates from not properl...

CVE-2020-10067

CVE-2020-10067 affects Zephyr Project RTOS. A malicious userspace application can trigger an integer overflow that bypasses security checks in system call handlers, with impacts ranging from denial of service to information leak and memory corruption potentially enabling kernel code execution. Af...

Null pointer dereference

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and...

CVE-2020-7452

Removed by vendor...

CVE-2020-8875

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-3831

A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges...

Microsoft Win32k Component Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in Microsoft Windows 10 version 1903, Windows ...

Multiple vendor based Broadcom cable modems buffer overflow vulnerability

Sagemcom F@st 5260, Sagemcom F@st 3890 etc. is a router.Technicolor TC7230 STEB is a wireless router. A buffer overflow vulnerability exists in Broadcom cable modems based on multiple vendors. A remote attacker could execute arbitrary code in the kernel via JavaScript running in the victim's...

CVE-2019-18568

Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user...