6612 matches found
UBUNTU-CVE-2019-11884
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character...
Improper Access Control
Linux kernel is vulnerable to improper access control. The vulnerability exists because the mm subsystem in the Linux kernel does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism. Local users could read or write to kernel memory locations in the first megabyte and bypass...
Information Disclosure
Linux kernel is vulnerable to information disclosure. This occurs in arch/x86/kvm/emulate.c in the Linux kernel. Local users could obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service (DoS) attacks. The blk_rq_map_user_iov function in the Linux kernel's block device implementation does not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a use-after-fre...
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on...
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A race condition leading to a use-after-free flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled the addition of fragments to the LRU (Last-Recently Used) list under certai...
Improper Access Control
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory...
Sensitive Information Disclosure
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload (UFO) feature was enabled. A remot...
Sensitive Information Disclosure
The kernel-rt is vulnerable to sensitive information disclosure. A flaw was found in the way the Linux kernel's CIFS implementation handled uncached write operations with specially crafted iovec structures. An unprivileged local user with access to a CIFS share could use this flaw to crash the...
Information Disclosure
kernel-rt is vulnerable to information disclosure. Failure to initialize a certain data structure in the do_tkill function in kernel/signal.c allows a local user to retrieve confidential information from kernel memory via a malicious application with tkill and tgkill system calls...
SGI IRIX <= 6.5.5 syssgi() Onyx kernel memory disclosure Exploit
Exploit for irix platform in category local exploits / SGI IRIX
CVE-2018-18366
Symantec Norton Security prior to 22.16.3, SEP Windows client prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type ...
Design/Logic Flaw
Symantec Norton Security prior to 22.16.3, SEP Windows client prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type ...
CVE-2018-18366
Symantec Endpoint Protection Small Business Edition ccSetx86.sys kernel driver (IOCTL 0x224844) has an information-disclosure vulnerability. A specially crafted IRP can cause the driver to return uninitialized kernel memory to a user-mode process, potentially leaking sensitive data. The issue is ...
Vulnerability Spotlight: Symantec Endpoint Protection kernel memory information disclosure vulnerability
Marcin Noga of Cisco Talos discovered this vulnerability. Overview Cisco Talos is disclosing an information leak vulnerability in the ccSetx86.sys kernel driver of Symantec Endpoint Protection Small Business Edition. The vulnerability exists in the driver’s control message handler. An attacker ca...
kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms
A flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers to abuse this mechanism to turn null pointer dereferences into workable exploits...
Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability
Summary An exploitable kernel memory disclosure vulnerability exists in the 0x224844 IOCTL handler function of Symantec Endpoint Protection Small Business Edition ccSetx86.sys, version 16.0.0.77. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in...
February 21, 2019—KB4491101 (OS Build 10240.18135)
February 21, 2019—KB4491101 OS Build 10240.18135 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent Internet Explorer from loading images that have a...