Intel Graphics Drivers Vulnerabilities - Lenovo Support US

No description provided...

Intel Graphics Drivers Vulnerabilities - US

Lenovo Security Advisory: LEN-15570 Potential Impact: Privilege escalation, modification of kernel memory Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2017-5696, CVE-2017-5727, CVE-2017-5717, CVE-2017-5692 Summary Description: Intel has issued multiple advisories related to i...

Apple macOS memory corruption vulnerability (CNVD-2018-22950)

macOS is Apple's proprietary operating system for the Mac line of products. A memory corruption vulnerability exists in the Kernel component in Apple macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14. An attacker can exploit the vulnerability via an application to execute...

Apple macOS Sierra Kernel memory corruption vulnerability (CNVD-2018-22359)

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.Kernel is one of the kernel components. A security vulnerability exists in the Kernel component of Apple macOS Sierra version 10.12.6. The vulnerability can be exploited by an attacker to execute arbitrary...

Apple macOS Sierra Kernel memory corruption vulnerability (CNVD-2018-22361)

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.Kernel is one of the kernel components. A security vulnerability exists in the Kernel component of Apple macOS Sierra version 10.12.6. The vulnerability can be exploited by an attacker to execute arbitrary...

Kernel Memory Initialization Vulnerability in Multiple Apple Products (CNVD-2018-22362)

Apple iOS is an operating system developed for mobile devices, tvOS is a smart TV operating system, and watchOS is a smart watch operating system. kernel is one of the kernel components. A security vulnerability exists in the Kernel component of several Apple products. The vulnerability can be...

Apple macOS Sierra Kernel memory corruption vulnerability (CNVD-2018-22363)

Apple macOS Sierra is a suite of specialized operating systems developed by Apple for Mac computers. macOS High Sierra is the next generation of macOS. macOS High Sierra is a kernel component. A security vulnerability exists in the Kernel component in Apple macOS Sierra version 10.12.6 and macOS...

Apple macOS Sierra Kernel memory corruption vulnerability (CNVD-2018-22366)

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.Kernel is one of the kernel components. A security vulnerability exists in the Kernel component of Apple macOS Sierra version 10.12.6. The vulnerability can be exploited by an attacker to execute arbitrary...

kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c

Memory leak in the sassmpgetphyevents function in drivers/scsi/libsas/sasexpander.c in the Linux kernel allows local users to cause a denial of service kernel memory exhaustion via multiple read accesses to files in the /sys/class/sasphy directory...

kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()

The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file...

kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation

A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space...

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

DEBIAN-CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

Design/Logic Flaw

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

UBUNTU-CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

CVE-2018-18710

CVE-2018-18710 affects the Linux kernel up to 4.19, in the CDROM driver: cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c. A cast from unsigned long to int can bypass bounds checking, enabling a local attacker to read kernel memory (information disclosure). The issue is analogous to CVE-2018-1094...

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

CVE-2018-3970

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...

Design/Logic Flaw

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...