6606 matches found
AVG Internet Security avgtdix.sys Kernel Memory Corruption Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of AVG Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of...
Memory corruption due to an unsanitized pointer in the NVIDIA display driver
Lenovo Security Advisory: LEN-3313. Potential Impact: Escalation of privileges. Severity: Medium. Summary: A vulnerability has been found in the NVIDIA driver that could be used to allow a local, non-privileged user to corrupt kernel memory. This could be used to gain local root privileges...
Memory corruption due to an unsanitized pointer in the NVIDIA display driver - Lenovo Support US
No description provided...
FreeBSD : FreeBSD -- ktrace kernel memory disclosure (6e04048b-6007-11e6-a6c3-14dae9d210b8)
Due to an overlooked merge to -STABLE branches, the size for page fault kernel trace entries was set incorrectly. Impact : A user who can enable kernel process tracing could end up reading the contents of kernel memory. Such memory might contain sensitive information, such as portions of the file...
FreeBSD : FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure (0a5cf6d8-600a-11e6-a6c3-14dae9d210b8)
Due to insufficient validation of the SCTP stream ID, which serves as an array index, a local unprivileged attacker can read or write 16 bits of kernel memory. Impact : An unprivileged process can read or modify 16 bits of memory which belongs to the kernel. This may lead to exposure of sensitive...
FreeBSD : FreeBSD -- Kernel memory disclosure in control messages and SCTP (7240de58-6007-11e6-a6c3-14dae9d210b8)
Buffer between control message header and data may not be completely initialized before being copied to userland. CVE-2014-3952 Three SCTP cmsgs, SCTP_SNDRCV, SCTP_EXTRCV and SCTP_RCVINFO, have implicit padding that may not be completely initialized before being copied to userland. In addition, thre...
FreeBSD : FreeBSD -- TCP reassembly vulnerability (6d472244-6007-11e6-a6c3-14dae9d210b8)
FreeBSD may add a reassemble queue entry on the stack into the segment list when the reassembly queue reaches its limit. The memory from the stack is undefined after the function returns. Subsequent iterations of the reassembly function will attempt to access this entry. Impact : An attacker who...
Ubuntu: Security Advisory (USN-3049-1)
The remote host is missing an update for the...
Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3057-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3057-1 advisory. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32-bit kernels, a local unprivileged attacker could u...
USN-3053-1: Linux kernel (Vivid HWE) vulnerabilities
A missing permission check when setting ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before...
USN-3052-1: Linux kernel vulnerabilities
It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). CVE-2016-4470 Kangjie Lu discovered an...
USN-3051-1: Linux kernel (Trusty HWE) vulnerabilities
It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). CVE-2016-4470 Kangjie Lu discovered an...
USN-3050-1: Linux kernel (OMAP4) vulnerabilities
Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges...
Joyent Smart Data Center Docker API Zone Escape Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a Docker...
FreeBSD : FreeBSD -- integer overflow in IP_MSFILTER (0844632f-5e78-11e6-a6c3-14dae9d210b8)
Problem Description : An integer overflow in computing the size of a temporary buffer can result in a buffer which is too small for the requested operation. Impact : An unprivileged process can read or write pages of memory which belong to the kernel. These may lead to exposure of sensitive...
FreeBSD : FreeBSD -- Kernel memory disclosure in sctp(4) (dd48d9b9-5e7e-11e6-a6c3-14dae9d210b8)
Problem Description : When initializing the SCTP state cookie being sent in INIT-ACK chunks, a buffer allocated from the kernel stack is not completely initialized. Impact : Fragments of kernel memory may be included in SCTP packets and transmitted over the network. For each SCTP session, there a...
SUSE-SU-2016:2010-1 Security update for Linux Kernel Live Patch 11 for SLE 12
This update for the Linux Kernel 3.12.51-5239 fixes several issues. The following security bugs were fixed: - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a...
Android on Nexus Information Disclosure Vulnerability
Android on Nexus 6 and 7 is an open source operating system for the Nexus 6 and 7 smartphones based on Linux, developed by Google and the Open Handset Alliance (OHA). The Linux kernel is the kernel used by the Linux Foundation's operating system Linux. Linux kernel is the kernel used by the operatin...
Apple iOS and watchOS IOAcceleratorFamily Information Disclosure Vulnerability
Apple iOS is a suite of operating systems developed for mobile devices. Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems. A security vulnerability in IOAcceleratorFamily in Apple iOS allows local attackers to exploit the vulnerability to gain...
Multiple Apple products kernel memory corruption vulnerability (CNVD-2016-05663)
Apple iOS, OS X, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; OS X is a specialized operating system for Mac computers; tvOS is an operating system for smart TVs; and watchOS is an operating system for smart watches. kernel is one of the kernel...