6610 matches found
kernel: Possible heap buffer overflow in brcmf_cfg80211_mgmt_tx()
Kernel memory corruption due to a buffer overflow was found in the brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace...
kernel: Exploitable memory corruption due to UFO to non-UFO path switch
An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building a UFO packet with the MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privilege...
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2017-11817)
This tracker entry is a fork of issue 1325, which this bug was reported as a part of. However, as some essential information and context was provided in issue 1325, the "Reported" date was adjusted there to account for it. The new information did not concern the vulnerability discussed here, so w...
[ASA-201710-25] linux-hardened: privilege escalation
Arch Linux Security Advisory ASA-201710-25. Severity: High; Date: 2017-10-16; CVE-ID: CVE-2017-5123; Package: linux-hardened; Type: privilege escalation; Remote: No; Link: https://security.archlinux.org/AVG-446; Summary: The package linux-hardened...
CVE-2017-5123
The waitid implementation in upstream kernels did not restrict the target destination to copy information results. This can allow local users to write to otherwise protected kernel memory, which can lead to privilege escalation...
Kaspersky Internet Security KLDISK Driver Multiple Kernel Memory Disclosure Vulnerabilities (CVE-2016-4306)
Summary: Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out of bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory...
Symantec Encryption Desktop 10.x =< 10.4.1 MP2HF1 (SYM17-010)
The version of Symantec Encryption Desktop installed on the remote host is version 10.x prior to or equal to 10.4.1 MP2 hot fix 1. It is, therefore, affected by an unspecified denial of service and kernel memory leak vulnerability.
Symantec Endpoint Encryption < 11.1.3 HF3 (SYM17-010)
The version of the Symantec Endpoint Encryption SEE Drive Encryption Client installed on the remote Windows host is prior to 11.1.3 HF23. It is, therefore, affected by an unspecified denial of service and kernel memory leak vulnerability.
Design/Logic Flaw
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address...
CVE-2017-11057
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address...
CVE-2017-11057
CVE-2017-11057 affects Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel in compatibility mode. The vulnerability arises from flash_data handling in 64-bit userspace, where a userspace-provided address can lead to kernel memory disclosure or a fault. Impact is inf...
Symantec Endpoint Encryption / Symantec Encryption Desktop DoS
Summary: Symantec has released an update to address four issues in the Symantec Endpoint Encryption / Symantec Encryption Desktop products. Affected products: Symantec Endpoint Encryption (SEE). CVE: CVE-2017-13675, CVE-2017-13683 | Affected Versions: Prior to 11.1.3HF3 | Remediation: Upgrade to...
UBUNTU-CVE-2017-1000255
On Linux running on PowerPC hardware (Power8 or later), a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...
CentOS Update for kernel CESA-2017:2863 centos6
Check the version of kernel
DEBIAN-CVE-2017-1000112
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE, __ip_append_data() calls ip_ufo_append_data() to append. However, in between two send calls, the append path can be switched from the UFO to the non-UFO one, which leads to a memory corruption. In...
CVE-2017-9724
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address...
Design/Logic Flaw
In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address...
Apple iOS Wi-Fi Component Information Disclosure Vulnerability
Apple iOS is an operating system for Apple smart devices. A security vulnerability exists in the Wi-Fi component of Apple iOS, which allows remote attackers to exploit the vulnerability to gain access to sensitive information in kernel memory...