2854 matches found
USN-4679-1: Linux kernel vulnerabilities
It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-25656 Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4679-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4679-1 advisory. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose...
Microsoft Windows DrawIconEx OOB Write Local Privilege Elevation
This module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary code executio...
About the security content of tvOS 14.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of iOS 14.0 and iPadOS 14.0 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Microsoft Windows DrawIconEx Local Privilege Escalation Exploit
This Metasploit module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary co...
Microsoft Windows DrawIconEx Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/exploit/exe' require 'msf/core/post/windows/priv' class MetasploitModule 'Microsoft Windows DrawIconEx OOB Write Local...
CVE-2020-27950
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...
CVE-2020-10007
CVE-2020-10007 affects macOS where a logic issue in state management could allow a malicious application to determine kernel memory layout. Apple’s Big Sur 11.0.1 (and corresponding updates) address this vulnerability by applying a patch that fixes the kernel memory disclosure risk through improv...
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory aka CID-6735b4632def.
...
FreeBSD : FreeBSD -- ICMPv6 use-after-free in error message handling (8eed0c5c-3482-11eb-b87a-901b0ef719ab)
When an ICMPv6 error message is received, the FreeBSD ICMPv6 stack may extract information from the message to hand to upper-layer protocols. As a part of this operation, it may parse IPv6 header options from a packet embedded in the ICMPv6 message. The handler for a routing option caches a point...
Google Hacker Details Zero-Click 'Wormable' Wi-Fi Exploit to Hack iPhones
Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "view all the photos,...
Google Hacker Details Zero-Click 'Wormable' Wi-Fi Exploit to Hack iPhones
Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "view all the photos,...
USN-4657-1: Linux kernel vulnerabilities
Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-0427 Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen...
CVE-2019-20934
A flaw was found in the Linux kernel’s implementation of displaying NUMA statistics, where displaying the scheduler statistics could trigger a use-after-free in shownumastats and display the kernel memory to userspace. The highest threat from this vulnerability is to system availability. Mitigati...
CVE-2020-28915
A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...
Buffer overflow
A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...
CVE-2020-28915
A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...
CVE-2020-28915
A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...
Microsoft Windows/Windows Server Information Disclosure Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. An information disclosure vulnerability exists in the Microsoft...