kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

Avast aswSnx.sys Kernel Driver 11.1.2253 Memory Corruption

/ Author: bee13oy BSoD on Windows 7 x86 / Windows 10 x86 + Avast Premier / Avast Free Antivirus 11.1.2253 Source: https://github.com/bee13oy/AVKernelVulns/tree/master/Avast/aswSnxBSoD2ZDI-16-681 There is a Memory Corruption Vulnerability in aswSnx.sys when DeviceIoControl API is called with ioctl...

Avast aswSnx.sys Kernel Driver 11.1.2253 - Memory Corruption Privilege Escalation

/ Author: bee13oy BSoD on Windows 7 x86 / Windows 10 x86 + Avast Premier / Avast Free Antivirus 11.1.2253 Source: https://github.com/bee13oy/AVKernelVulns/tree/master/Avast/aswSnxBSoD2ZDI-16-681 There is a Memory Corruption Vulnerability in aswSnx.sys when DeviceIoControl API is called with ioctl...

Security Bulletin: NVIDIA Shield TV and Tablet contain multiple vulnerabilities

Vulnerability Details The following sections summarize the vulnerabilities and list their CVSS risk assessments. CVE-2016-8424 NVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVMAP, where referencing memory after it has been freed may lead to denial of service or possible escalation...

CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

DEBIAN-CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

UBUNTU-CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

Trend Micro Maximum Security tmusa Kernel Driver Untrusted Pointer Dereference Denial of Service Vulnerability

This vulnerability allows local attackers to deny service on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...

Vulnerability of Windows operating system kernel drivers, which allows attackers to increase their privileges

The vulnerability of Windows operating system kernel drivers is related to incorrect handling of objects in memory by the kernel-level driver. Exploiting this vulnerability can allow a local attacker to enhance their privileges through a specially created application...

Check Point ZoneAlarm Extreme Security vsdatant Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

SMB Exploited: WannaCry Use of EternalBlue

Server Message Block SMB is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services. SMB operates over TCP ports 139 and 445. In April 2017, Shadow Brokers released an SMB vulnerability named...

The vulnerability of the kernel file system driver of the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the kernel file system driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the kernel level from a remote location. This issue is considered “critical” due to...

The vulnerability of the Qualcomm Power operating system’s kernel driver allows a hacker to execute arbitrary code.

The vulnerability of the Qualcomm Power operating system’s kernel driver is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code within the kernel context, through a local malicious application...

Avast Free Antivirus aswSnx Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows attackers to elevate their privileges on vulnerable installations of Avast Free Antivirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the 0x82ac0170 IOCTL by the aswSnx driver in the kernel. An address pass...

VulnCheck KEV: CVE-2017-0263

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory...

kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

CVE-2017-0189

An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode, aka "Win32k Elevation of Privilege Vulnerability." This C...