951 matches found
CVE-2020-9909
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...
Design/Logic Flaw
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...
CVE-2020-9909
CVE-2020-9909 is an Apple kernel vulnerability: an out-of-bounds read fixed in iOS 13.6 / iPadOS 13.6 / tvOS 13.4.8 / watchOS 6.2.8. Root cause: insufficient bounds checking in the Kernel component (addressed with improved bounds checking); impact: an attacker who already has kernel code execution could potentially bypass kernel memo...
FreeBSD : FreeBSD -- bhyve privilege escalation via VMCS access (2c5b9cd7-f7e6-11ea-88f8-901b0ef719ab)
AMD and Intel CPUs support hardware virtualization using specialized data structures that control various aspects of guest operation. These are the Virtual Machine Control Structure (VMCS) on Intel CPUs, and the Virtual Machine Control Block (VMCB) on AMD CPUs. Insufficient access controls allow root...
FreeBSD -- bhyve privilege escalation via VMCS access
Problem Description: AMD and Intel CPUs support hardware virtualization using specialized data structures that control various aspects of guest operation. These are the Virtual Machine Control Structure (VMCS) on Intel CPUs, and the Virtual Machine Control Block (VMCB) on AMD CPUs. Insufficient acces...
FreeBSD-SA-20:28.bhyve_vmcs
FreeBSD-SA-20:28.bhyve_vmcs Security Advisory, The FreeBSD Project. Topic: bhyve privilege escalation via VMCS access. Category: core. Module: bhyve. Announced: 2020-09-15...
Attacking the Qualcomm Adreno GPU
Posted by Ben Hawkes, Project Zero. When writing an Android exploit, breaking out of the application sandbox is often a key step. There are a wide range of remote attacks that give you code execution with the privileges of an application like the browser or a messaging application, but a sandbox...
CVE-2020-17396
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2020-17398
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2020-17393
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
Parallels Desktop Integer Overflow Elevation of Privilege Vulnerability
Parallels Desktop is virtual machine software that runs on Mac computers. An integer overflow elevation of privilege vulnerability exists in the prlhypervisor module in versions prior to Parallels Desktop 16.0.0 48916. The vulnerability stems from a lack of proper validation of user-supplied...
USN-4425-1 linux, linux-aws, linux-azure, linux-azure-5.4, linux-gcp, linux-hwe-5.4, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4, linux-riscv vulnerabilities
It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089) It was discovered that the kernel-user space relay...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
PT-2020-6648
Name of the Vulnerable Software and Affected Versions: ASRock RGB Driver versions with AsrDrv103.sys (affected versions not specified). Description: The issue is related to the AsrDrv103.sys driver in the ASRock RGB Driver, which does not properly restrict access from user space. This can be...
CVE-2020-9795
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to execute arbitrary code with kernel privileges...
Apple macOS Catalina Wi-Fi component memory corruption vulnerability (CNVD-2020-32217)
Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers. Wi-Fi is one of the wireless Internet components. A memory corruption vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5, which can be exploited by an attack...
Unspecified Vulnerability in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility
AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility is a hardware diagnostics and overclocking utility from AMD. A security vulnerability in the atillk64.sys file in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility version 5.11.9.0, which originates from not properl...
CVE-2020-10067
CVE-2020-10067 affects Zephyr Project RTOS. A malicious userspace application can trigger an integer overflow that bypasses security checks in system call handlers, with impacts ranging from denial of service to information leak and memory corruption potentially enabling kernel code execution. Af...