CVE-2019-8755

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout...

CVE-2019-8576

CVE-2019-8576 is an out-of-bounds read in Apple’s Kernel component. A local user could cause system termination or read kernel memory. Fixes were issued in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, and watchOS 5.2.1 per Apple advisories; related CVE entries and vendor advisories confirm the kern...

CVE-2019-8591

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory...

CVE-2019-8545

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory...

CVE-2019-7293

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory...

CVE-2019-8504

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory...

CVE-2019-8504

CVE-2019-8504 is an Apple memory initialization issue affecting the IOKit/kernel memory handling. The vulnerability could allow a local user to read kernel memory. The issue is addressed in official Apple advisories with patches in iOS 12.2 and macOS Mojave 10.14.4; multiple connected sources con...

CVE-2019-6207

CVE-2019-6207 is an out-of-bounds read in kernel memory handling that could let a malicious app determine kernel memory layout. Apple fixes: iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, via/improved input validation. Public documentation shows affected components (Kernel and related su...

kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c

A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory...

CVE-2011-2480

Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211IOCCHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the...

CVE-2011-2480

Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211IOCCHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the...

Information disclosure

Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211IOCCHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the...

CVE-2011-2480

Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211IOCCHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the...

CVE-2011-2480

CVE-2011-2480 is an Information Disclosure vulnerability in the 802.11 stack reported for FreeBSD before 8.2 and NetBSD on certain non-x86 architectures. The flaw is a signedness error in the IEEE80211_IOC_CHANINFO ioctl that allows a local unprivileged user to cause the kernel to copy large amou...

CentOS Update for bpftool CESA-2019:3872 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

A flaw was found in the Intel graphics hardware GPU, where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to th...

hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

A flaw was found in the Intel graphics hardware GPU, where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to th...

hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

A flaw was found in the Intel graphics hardware GPU, where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to th...

hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

A flaw was found in the Intel graphics hardware GPU, where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to th...

kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c

An issue was discovered in the Linux kernel in the cryptoreportone and related functions in the crypto/cryptouser.c the crypto user configuration API which do not fully initialize structures that are copied to userspace, potentially leaking sensitive kernel memory content to a userspace...