Apple iOS, iPadOS and macOS Catalina Wi-Fi Component Double Release Vulnerability

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple macOS Catalina is a specialized operating system developed for Mac computers.Wi-Fi is one of the wireless Internet components. o...

Apple macOS Catalina Bluetooth component buffer overflow vulnerability (CNVD-2020-34637)

Apple macOS Catalina is a specialized operating system developed by Apple for Mac computers.Bluetooth is one of the Bluetooth components. A buffer overflow vulnerability exists in the Bluetooth component in Apple macOS Catalina versions prior to 10.15.5. An attacker could exploit this vulnerabili...

Apple Mac OS X Security Update (HT211170)-04

Apple Mac OS X is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

About the security content of iOS 12.4.7 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

USN-4369-1: Linux kernel vulnerabilities

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4368-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4368-1 advisory. Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this t...

Ubuntu: Security Advisory (USN-4364-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Competitive Conditions Issue Loophole

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD contains a Competitive Condition Problem vulnerability, which stems from a cryptodev module that allows data structures in the kernel to be re-exploited after they have been freed, and can be exploited by an...

CVE-2020-7455

In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel for kernel NAT or natd process...

CVE-2019-15879

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel...

CVE-2019-15879

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel...

Race condition

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel...

CVE-2019-15879

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel...

FreeBSD : FreeBSD -- Use after free in cryptodev module (9f15c2da-947e-11ea-92ab-00163e433440)

A race condition permitted a data structure in the kernel to be used after it was freed by the cryptodev module. Impact : An unprivileged process can overwrite arbitrary kernel memory. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c

An out of bounds OOB memory access flaw was found in i2csmbusxferemulated in drivers/i2c/i2c-core-smbus.c in I2C subsystem. A read request for length data-block0 greater than 'I2CSMBUSBLOCKMAX + 1' may cause underlying I2C driver write out of array's boundary. This could allow a local attacker wi...

FreeBSD-SA-20:15.cryptodev

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:15.cryptodev Security Advisory The FreeBSD Project Topic: Use after free in cryptodev module Category: core Module: cryptodev Announced: 2020-05-12 Credits:...

CVE-2020-10067 Integer Overflow In is_in_region Allows User Thread To Access Kernel Memory

A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the...

Exploit for Improper Input Validation in Linux Linux_Kernel

CVE-2017-5123 PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. N...

CVE-2012-0953

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...

CVE-2012-0953

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...