Code injection

Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081,...

kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c

An issue was discovered in the Linux kernel in the cryptoreportone and related functions in the crypto/cryptouser.c the crypto user configuration API which do not fully initialize structures that are copied to userspace, potentially leaking sensitive kernel memory content to a userspace...

kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service

A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system...

kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command

A flaw was found in the Linux kernel's implementation of the Bluetooth Human Interface Device Protocol HIDP. A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the dohidpsockioctl function in net/bluetooth/hidp/sock.c.c. This function can leak...

kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c

An issue was discovered in the Linux kernel in the cryptoreportone and related functions in the crypto/cryptouser.c the crypto user configuration API which do not fully initialize structures that are copied to userspace, potentially leaking sensitive kernel memory content to a userspace...

Apple tvOS, iOS and iPadOS Kernel Component Memory Corruption Vulnerability

Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple iPadOS is an operating system for iPad tablets.Kernel is one of the kernels. A security vulnerability exists in the Kernel component of Apple tvOS prior to version 13, iOS prior to versio...

Apple macOS Catalina memory corruption vulnerability (CNVD-2019-44548)

Apple macOS Catalina is the United States Apple Apple company's set of specialized operating system developed for Mac computers. libxml2 is one of the C-based library components used to parse XML documents . A security vulnerability exists in the Kernel component of Apple macOS Catalina prior to...

Apple iOS, iPadOS and tvOS Kernel Component Permission Logic Vulnerability (CNVD-2019-46957)

Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple iPadOS is an operating system for iPad tablets.Kernel is one of the kernels. A security vulnerability exists in the Kernel component of Apple iOS before 13.1, iPadOS before 13.1, and tvOS...

Apple macOS Catalina IOGraphics Component Buffer Overflow Vulnerability

Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers.IOGraphics is one of the input and output graphics components. A buffer overflow vulnerability exists in the IOGraphics component of Apple macOS Catalina versions prior to 10.15.1. A local attacker...

Important kernel security update: Virtuozzo ReadyKernel patch 90.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernels 3.10.0-693.21.1.vz7.46.7 Virtuozzo 7.0.7 HF2, 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8...

CVE-2018-20855

A flaw was discovered in the Linux kernel's implementation of InfiniBand. A local attacker who is able to execute a read from the InfiniBand device could trigger an information leak of kernel memory to userspace which can be used to further attack the system. Mitigation If the InfiniBand device i...

CVE-2017-0861

Use-after-free vulnerability in the sndpcminfo function in the ALSA subsystem in the Linux kernel allows attackers to induce a kernel memory corruption and possibly crash or lock up a system. Due to the nature of the flaw, a privilege escalation cannot be fully ruled out, although we believe it i...

FreeBSD : FreeBSD -- kernel memory disclosure from /dev/midistat (5027b62e-f680-11e9-a87f-a4badb2f4699)

The kernel driver for /dev/midistat implements a handler for read2. This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. Impact : The races allow a program to read...

Apple macOS Catalina IOGraphics Component Logic Vulnerability

Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers.IOGraphics is one of the input and output graphics components. A security vulnerability exists in the IOGraphics component in Apple macOS Catalina versions prior to 10.15. An attacker can exploit this...

macOS < 10.15 Multiple Vulnerabilities

The remote host is running a version of macOS / Mac OS X that is prior to 10.15. It is, therefore, affected by multiple vulnerabilities. - An application may be able to execute arbitrary code with kernel privileges CVE-2019-8748 - Multiple issues in PHP CVE-2019-11041, CVE-2019-11042 - Processing...

Exploit for Use After Free in Google Android

CVE-2019-2215 Temproot for Pixel 2 and Pixel 2 XL via CVE-...

CVE-2017-16994

The walkhugetlbrange function in 'mm/pagewalk.c' file in the Linux kernel from v4.0-rc1 through v4.15-rc1 mishandles holes in hugetlb ranges. This allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...

OPENSUSE-SU-2019:2307-1 Security update for the Linux Kernel

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...

Microsoft Windows Secure Boot Security Feature Bypass Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Secure Boot is one of the secure boot components. A security feature bypas...

Windows Secure Boot Security Feature Bypass Vulnerability

A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory. To exploit the vulnerability, an attacker must gain physical access to the target...