197 matches found
kernel: LoadPin bypass via dm-verity table reload
A flaw was found in the Linux kernel. Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module and firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out...
CVE-2022-32940
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges...
PT-2022-21591 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7 macOS versions prior to 12.6 macOS versions prior to 13 Description: The issue was addressed with improved memory handling. A remote user may be able to cause kernel code execution. Recommendations: For macOS...
CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
UBUNTU-CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
CVE-2022-2503 Linux Kernel LoadPin bypass via dm-verity table reload
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
Corel Parallels Desktop 安全漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A security vulnerability exists in Corel Parallels Desktop version 17.1.1 51537, which stems from a vulnerability that allows a local attacker to disclose sensitive information on an affected...
CVE-2022-26756
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges...
Missing validation results in undefined behavior in `SparseTensorDenseAdd
Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. Failure to check the input to tf.rawops.SparseTensorDenseAdd causes a nullptr during kernel execution , triggering a denial of service attack...
CVE-2021-42685
An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 . The IOCTL Handler 0x22005B in the Accops HyWorks DVM Tools prior to v3.3.1.105 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via...
CVE-2021-42687
A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22005B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request Packet...
CVE-2021-42980
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request...
Eltima Usb Network Gate安全漏洞
Eltima Usb Network Gate is a powerful software from United Arab Emirates. It is used for remote Usb access via Internet or Lan. A security vulnerability exists in Eltima Usb Network Gate, which originates from the IOCTL handler 0x22001B in USB Network Gate above 7.0.1370 and below 9.2.2420 that c...
Accops HyWorks DVM Tools 安全漏洞
Accops HyWorks is a suite of solutions consisting of software and hardware from Accops India. It is used to instantly and securely access enterprise applications remotely from anywhere, on any device and from any network. A buffer overflow vulnerability exists in Accops HyWorks DVM Tools, which c...
CVE-2021-30807
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been...
PUB-A-171315276
In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-30765
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges...