296 matches found
CVE-2017-7441
Affected software: Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in HitmanPro.Alert and Sophos Clean). Vulnerability mechanism: crafted IOCTL with code 0x22E1C0 may cause kernel data leaks at the driver level, potentially exposing information such as nt!ExpPoolQuotaCookie. Impact: ...
kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)
It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNEL_DS option is set. This could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...
Microsoft Windows Kernel Local Information Disclosure Vulnerability
Microsoft Windows is a popular operating system. A security vulnerability exists in the Microsoft Windows kernel that allows a local attacker to exploit the vulnerability to gain access to sensitive kernel information...
Apple TV and iOS API-related kernel extension information disclosure vulnerability
Apple iOS is the latest operating system for Apple's iPhone and iPod touch devices. Apple TV is Apple's way of allowing photos, videos and music from PCs and iPods to be transmitted wirelessly to a TV in high definition. An information disclosure vulnerability exists in the kernel extension relat...
CVE-2013-5142
The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2) segctl API...
FreeBSD Security Advisory FreeBSD-SA-12:04.sysret [REVISED]
FreeBSD-SA-12:04.sysret Security Advisory, The FreeBSD Project. Topic: Privilege escalation when returning from kernel. Category: core. Module: sys_amd64. Announced: 2012-06-12...
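Linux kernel 2.6.x USB Interface Local Information Disclosure Vulnerability
BUGTRAQ ID: 39042 CVE ID: CVE-2010-1083 The Linux Kernel is the kernel used by the open-source operating system Linux. When device communication fails (for example, on a USB timeout), the processcompl and processcompl_compat functions in the Linux Kernel's drivers/usb/core/devio.c return the transfer buffer to the user-space process unmodified, and it may contain recently freed kernel data. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...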
Windows driver vulnerability discovery and exploitation - Vulnerabilities and early warning - the black bar safety net
Information source: evil octal information security team (www.eviloctal.com). Article author: Anibal Sacco. Translation author: riusksk (springs brother: http://riusksk.blogbus.com). Note: this article was first published in the hackers Defense, after the translation the original author of friendship submitt...
openSUSE 10 Security Update : kernel (kernel-4970)
This kernel update is a respin of a previous one that broke CPUFREQ support (bug 357598). Previous changes: This kernel update fixes the following security problems: CVE-2008-0007: Insufficient range checks in certain fault handlers could be used by local attackers to potentially read or write...
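Linux Kernel Bluetooth CAPI Message Remote Overflow Vulnerability
The Linux Kernel is the kernel used by the open-source operating system Linux. The Linux Kernel does not correctly handle inbound CAPI messages, and a remote attacker may exploit this vulnerability to execute arbitrary instructions on the server. The net/bluetooth/cmtp/capi.c file in the Linux Kernel code does not correctly handle inbound CAPI messages. If a user sends a specially crafted CAPI message, a buffer overflow may be triggered that overwrites certain kernel data structures, leading to execution of arbitrary instructions. The vulnerable code in net/bluetooth/cmtp/capi.c is as follows: case CAPI_FUNCTION_GET_SERIAL_NUMBER: controller =...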
security flaw
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by...
CVE-2004-0814
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by...
[UNIX] OpenBSD Procfs Memory Disclosure Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Linux Kernel "do_mremap" Local Proof of Concept II
Exploit for linux platform in category local exploits. Linux Kernel "do_mremap" Local Proof of Concept II. /* Proof of concept code for testing do_mremap Linux kernel bug. It is based on the code by...
Linux Kernel "do_mremap" Local Proof of Concept II
No description provided by source. /* Proof of concept code for testing do_mremap Linux kernel bug. It is based on the code by Christophe Devine and Julien Tinnes posted on Bugtraq mailing list on 5 Jan 2004 but it's safer since it avoids any kernel data corruption. The following test was done...
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (2)
/* EDB Note: This will just "test" the vulnerability. EDB Note: An exploit version can be found here https://www.exploit-db.com/exploits/145/ */ /* Proof of concept code for testing do_mremap Linux kernel bug. It is based on the code by Christophe Devine and Julien Tinnes posted on Bugtraq mailing li...