6612 matches found
CVE-2018-20669
An issue where a provided address with accessok is not checked was discovered in i915gemexecbuffer2ioctl in drivers/gpu/drm/i915/i915gemexecbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a...
CVE-2018-14745
Buffer overflow in protgetringspace in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker who has obtained code execution on the Wi-Fi chip to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is...
CVE-2018-14745
CVE-2018-14745 affects the bcmdhd4358 Wi‑Fi driver in the Samsung Galaxy S6 (SM-G920F). The flaw is a buffer overflow in prot_get_ring_space caused by improper validation of the ring buffer read pointer, enabling an attacker who already has code execution on the Wi‑Fi chip to overwrite kernel mem...
CVE-2019-6209
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout...
CVE-2019-6209
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout...
Input validation
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout...
CVE-2019-6209
CVE-2019-6209 is an Apple kernel vulnerability affecting iOS, macOS, tvOS, and watchOS where an out-of-bounds read could disclose kernel memory layout. Root cause: insufficient input validation leading to a memory disclosure. Impact: a malicious application may determine kernel memory layout. Rem...
CVE-2019-6209
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout...
SALT - SLUB ALlocator Tracer For The Linux Kernel
Welcome to salt , a tool to reverse and learn kernel heap memory management. It can be useful to develop an exploit, to debug your own kernel code, and, more importantly, to play with the kernel heap allocations and learn its inner workings. This tool helps tracing allocations and the current sta...
The vulnerability of the IOCTL processor 0x8200E804 of the hardware security keys of the WibuKey software allows a perpetrator to cause kernel memory corruption.
The vulnerability of the WibuKey hardware security keys’ software lies in the IOCTL device driver 0x8200E804 WibuKey.sys, which is related to buffer overflow attacks. Exploiting this vulnerability can lead to damage to the kernel memory and may also result in an increase in privileges, through th...
The vulnerability of the IOCTL processor 0x8200E804 of the software device with hardware security keys WibuKey allows a perpetrator to exploit memory access on the kernel level.
The vulnerability of the IOCTL handler 0x8200E804 of the WibuKey.sys software driver involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to access kernel memory through a specially crafted IRP request input/output request...
MGASA-2019-0068 Updated opencontainers-runc packages fix security vulnerability
Not using pivotroot2 leaves the host /proc around in the mount namespace so that it is possible to mount another /proc without any other submount, even if /proc in the container is not fully visible. This flaw allows an attacker to read and modify some parts of the Linux kernel memory rhbz1663068...
WIBU-SYSTEMS WibuKey.sys 0x8200E804 IOCTL Kernel Information Disclosure Vulnerability
Wibu-Systems WibuKey is a digital rights management DRM system from Wibu-Systems. A security vulnerability in WIBU-SYSTEMS WibuKey.sys 0x8200E804 IOCTL handling allows local attackers to exploit the vulnerability by submitting a special request to obtain a kernel memory information disclosure...
Code injection
Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon...
CVE-2018-11847
Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon...
CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
Design/Logic Flaw
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3990
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3990
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...