2854 matches found
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3753-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3753-1 advisory. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could u...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Intel processors’ vulnerabilities, related to the possibility of speculative execution commands, allow attackers to gain unauthorized access to the system memory of the operating system or SMM-memory.
The vulnerability of Intel processors lies in the possibility of speculative execution of instructions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the memory of the operating system’s kernel or SMM memory by executing attacks through peripheral channels tha...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Immunity Canvas: SHOW_TIMER_LEAK
Name| showtimerleak ---|--- CVE| CVE-2017-18344 Exploit Pack| CANVAS Description| showtimerleak Notes| CVE Name: CVE-2017-18344 NOTES: This module gives an unpriviledged user the ability to dump a file from the kernel memory. A common scenario is to dump the /etc/shadow or kerberos tickets. Note:...
CVE-2017-18344
CVE-2017-18344 affects the Linux kernel before 4.14.8. The timer_create syscall in kernel/time/posix-timers.c fails to validate sigevent->sigev_notify, causing out-of-bounds access in show_timer when /proc/$PID/timers is read and enabling a local user to read arbitrary kernel memory on builds ...
Ubuntu 18.04 LTS : Linux kernel regression (USN-3718-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3718-1 advisory. USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient ear...
The vulnerability of the Bluetooth component of the Mac OS X operating system allows a hacker to disclose sensitive information about the kernel’s memory allocation scheme.
The vulnerability of the Bluetooth component in the Mac OS X operating system is related to the incorrect implementation of security mechanisms. Exploiting this vulnerability can allow an attacker to disclose sensitive information about the kernel’s memory allocation scheme through a specially...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2018-4172)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4172 advisory. - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug: 27951293 CVE-2017-17741 CVE-2017-17741 - kernel/exit.c: avoid undefined behavio...
Apple macOS/OS X Sensitive Information Disclosure Vulnerability
macOS is Apple's proprietary operating system for the Mac line of products. An Apple macOS/OS X sensitive information disclosure vulnerability exists due to an out-of-bounds memory read error triggered in the IOGraphics component, which can be exploited by an attacker to gain access to the conten...
About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan This document describes the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan. About Apple security updat...