CVE-2020-9964

CVE-2020-9964 describes a memory initialization issue in iOS/iPadOS that could allow a local user to read kernel memory. Apple attributes the fix to iOS 14.0 and iPadOS 14.0 with improved memory handling. Connected sources corroborate the vulnerability as an Apple memory initialization/out-of-bou...

CVE-2020-9958

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.0 and iPadOS 14.0. An application may be able to cause unexpected system termination or write kernel memory...

CVE-2020-9958

CVE-2020-9958 is an Apple iOS/iPadOS vulnerability described as an out-of-bounds write that could cause an application to terminate unexpectedly or write to kernel memory. According to connected sources, the issue is addressed in iOS 14.0 and iPadOS 14.0, with Apple’s security content confirming ...

CVE-2020-9918

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2020-9918

CVE-2020-9918 affects Apple platforms (macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8). An out-of-bounds read was addressed by improved input validation, with the fix shipped in those updates. According to the linked Apple security content, a remote attacker may cause unexpected system termin...

CVE-2020-9909

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...

Microsoft Windows Uninitialized Variable Local Privilege Escalation Exploit

This Metasploit module exploits CVE-2019-1458, an arbitrary pointer dereference vulnerability within win32k which occurs due to an uninitialized variable, which allows user mode attackers to write a limited amount of controlled data to an attacker controlled address in kernel memory. By utilizing...

Microsoft Windows Uninitialized Variable Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/exploit/exe' require 'msf/core/post/windows/priv' class MetasploitModule 'Microsoft Windows Uninitialized Variable Local...

CVE-2020-12933

A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS e.g. version 26.20.15029.27017. A specially crafted D3DKMTEscape API request can cause an out-of-bounds read in Windows OS kernel memory area. This vulnerability can be triggered from a...

PT-2020-4271 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in Windows, specifically due to the Windows kernel-mode driver's failure to properly handle objects in memory. This could all...

PT-2020-4274 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An information disclosure issue exists due to the Windows kernel's improper initialization of objects in memory. To exploit this, an authenticated attacker could run a specially crafted...

Vulnerability of the object processing function in the kernel memory of the Windows operating system, allowing attackers to gain access to protected information

The vulnerability of the object processing function in the kernel memory of the Windows operating system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information...

PT-2020-6454 · Apple · Ipados +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 watchOS versions prior to 7.1 iOS versions prior to 12.4.9 and prior to 14.2 watchOS versions prior to 6.2.9 and prior to 5.3.9 macOS Catalina versions prior to 10.15.7 Supplemental Update and prior to 10.15.7...

kernel: memory corruption in Voice over IP nf_conntrack_h323 module

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this...

kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c

An out of bounds OOB memory access flaw was found in i2csmbusxferemulated in drivers/i2c/i2c-core-smbus.c in I2C subsystem. A read request for length data-block0 greater than 'I2CSMBUSBLOCKMAX + 1' may cause underlying I2C driver write out of array's boundary. This could allow a local attacker wi...

kernel: memory corruption in Voice over IP nf_conntrack_h323 module

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this...

kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c

A flaw was found in the Linux kernel's mwifiex driver implementation when connecting to other WiFi devices in "Test Mode." A kernel memory leak can occur if an error condition is met during the parameter negotiation. This issue can lead to a denial of service if multiple error conditions meeting...

kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS

A flaw was found in the Linux kernel. The cryptoreport function mishandles resource cleanup on error. A local attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...

kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS

A flaw was found in the Linux kernel. The Intel Wireless WiFi MVM Firmware driver mishandles resource cleanup during device coredump. An attacker able to trigger the device coredump and system-wide out of memory conditions at the same time could use this flaw to crash the system. The highest thre...

kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS

A flaw was found in the Linux kernel. The Wireless configuration API functionality mishandles resource cleanup in nl80211getftmresponderstats function. An attacker able to trigger the resource cleanup code path could use this flaw to crash the system. The highest threat from this vulnerability is...