6610 matches found
Memory corruption
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory...
CVE-2017-14896
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory...
Linux kernel 'walk_hugetlb_range' function information disclosure vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the 'walk_hugetlb_range' function in the mm/pagewalk.c file in versions of Linux kernel prior to 4.14.2. A local attack...
CVE-2017-16994
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore system call...
CVE-2017-12190
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This...
Microsoft Windows NTFS File System Metadata Disclosures Exploit
The Microsoft Windows Kernel suffers from multiple stack and pool memory disclosures into NTFS file system metadata. Windows Kernel multiple stack and pool memory disclosures into NTFS file system metadata CVE-2017-11880 We have discovered that the NTFS.sys driver writes uninitialized kernel stac...
Microsoft Windows 10 - nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Pool Memory Disclosur
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1361 We have discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fiel...
Microsoft Windows 10 - nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Pool Memory Disclosure
Microsoft Windows 10 - nt!NtQueryDirectoryFile luafv!LuafvCopyDirectoryEntry Pool Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1361 We have discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode...
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool Memory Disclosure
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1361 We have discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fields in the output structure being copied to the...
FreeBSD Information Disclosure Vulnerability (CNVD-2017-37249)
FreeBSD is a UNIX-like operating system, an important branch of Unix that evolved from BSD, 386BSD and 4.4BSD. FreeBSD suffers from an information disclosure vulnerability. The vulnerability arises because the ptrace(2) system call fails to properly initialize the ptrace_lwpinfo structure. A loca...
Privilege escalation
An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel...
CVE-2017-0866
An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel...
CVE-2017-11093
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source EDID, kernel memory can be exposed...
CVE-2017-11093
CVE-2017-11093 affects Android MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel for Display; the issue is a buffer over-read caused by missing upper-bound validation when reading the EDID field num_of_cea_blocks, potentially exposing kernel memory and causing information dis...
CVE-2017-0866
CVE-2017-0866 affects NVIDIA Tegra X1 Direct Rendering Infrastructure. An unchecked userspace input is passed as a pointer to kfree, enabling kernel memory corruption and possibly code execution (local, high). In affected Pixel devices, Google Pixel security bulletin patches released for 2017-11-0...
CVE-2017-1088
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure before filling the data. Since the structure filled by the kernel is allocated on the kernel stack and...
Microsoft Windows GDI Component Information Disclosure Vulnerability (CNVD-2017-37115)
Microsoft Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1 are products of Microsoft Corporation. Microsoft Windows 7 SP1 is an operating system for personal computers; Windows Server 2008 SP2 is an upgrade. Server 2008 SP2 is a server operating system. R2 SP1 is an upgraded...
Microsoft Windows GDI Component Information Disclosure Vulnerability (CNVD-2017-37116)
Microsoft Windows Server 2016 and others are operating systems released by Microsoft USA. kernel is one of the kernels. An information disclosure vulnerability exists in the kernel component of Microsoft Windows that stems from a failure of the GDI component to properly expose kernel memory...