About the security content of macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Linux kernel information disclosure vulnerability (CNVD-2019-38261)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. An information disclosure vulnerability exists in Linux kernel versions prior to 5.2.14. The vulnerability stems from...

DEBIAN-CVE-2019-16714

In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized...

Denial of Service Vulnerability in the Kernel Module of Guangfa Bank Security Controls

As one of the first joint-stock commercial banks organized in China, Guangfa Bank is committed to building the best retail bank and the most efficient SME bank in China. A denial of service vulnerability exists in the kernel module of the Guangfa Bank security control, which can be exploited by a...

Microsoft Windows Hyper-V Information Disclosure Vulnerability (CNVD-2019-38763)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Windows Hyper-V is one of the virtualization products that supports...

About the security content of tvOS 12.1.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to memory initialization errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

CVE-2019-15916

A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system...

Windows Hyper-V Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk. An attacker could exploit the vulnerability by reading a file to recover kernel memory. To exploit the vulnerability, an attacker would first require access to a Hyper-V host. The security...

Windows Secure Boot Security Feature Bypass Vulnerability

A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory. To exploit the vulnerability, an attacker must gain physical access to the target...

Google Android Kernel MMU Privilege Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. The Kernel MMU is one of the kernel memory unit management components. An elevation of privilege vulnerability exists in the Kernel MMU component of Android. An attacker can exploit thi...

PT-2019-17781 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD versions prior to 12.0-RELEASE-p10 FreeBSD versions prior to 11.3-RELEASE-p3 FreeBSD versions prior to 11.2-RELEASE-p14 Description: The issue arises from a read handler in the kernel driver for /dev/midistat that is not thread-safe...

FreeBSD -- kernel memory disclosure from /dev/midistat

Problem Description: The kernel driver for /dev/midistat implements a handler for read2. This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. Impact: The races allow a...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (AWS) vulnerability (USN-4096-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4096-1 advisory. Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local...

USN-4096-1 linux-aws, linux-aws-hwe vulnerability

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information kernel memory...

USN-4096-1: Linux kernel (AWS) vulnerability

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information kernel memory...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0044)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net ...

FreeBSD : FreeBSD -- pts(4) write-after-free (5721ae65-b30a-11e9-a87f-a4badb2f4699)

The code which handles a close2 of a descriptor created by posixopenpt2 fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory. Impact : The bug permits malicious code to trigger a write-after-free, which may be used to gain root...

FreeBSD : FreeBSD -- Privilege escalation in cd(4) driver (14a3b376-b30a-11e9-a87f-a4badb2f4699)

To implement one particular ioctl, the Linux emulation code used a special interface present in the cd4 driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd4 device t...

FreeBSD : FreeBSD -- Kernel memory disclosure in freebsd32_ioctl (6b856e00-b30a-11e9-a87f-a4badb2f4699)

Due to insufficient initialization of memory copied to userland in the components listed above small amounts of kernel memory may be disclosed to userland processes. Impact : A user who can invoke 32-bit FreeBSD ioctls may be able to read the contents of small portions of kernel memory. Such memo...