27 matches found
PT-2026-25508
Malformed ATAES132A responses with an oversized length field overflow a 52-byte stack buffer in the Zephyr crypto driver, allowing a compromised device or bus attacker to corrupt kernel memory and potentially hijack execution...
EUVD-2016-9279
Malware in sbrugna...
EUVD-2021-12234
Malware in sbrugna...
EUVD-2017-0663
Malware in sbrugna...
EUVD-2017-0784
Malware in sbrugna...
EUVD-2016-7679
Malware in sbrugna...
EUVD-2022-30013
Malicious code in bioql PyPI...
Debian DSA-5480-1 : linux - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5480 advisory. Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269...
kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...
kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...
kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...
CVE-2022-39189
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...
CVE-2021-25339
Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory...
CVE-2021-25338
Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region...
Privilege escalation
An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...
Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1141 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged device /dev/vboxdrv and can use that to compromise the host kernel. The...
CVE-2017-0567
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2017-0573
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
Oracle Solaris Local Vulnerability (CNVD-2017-00974)
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in Oracle Solaris. An attacker has exploited the vulnerability to compromise the 'Kernel' subcomponent...
Privilege escalation
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...