The vulnerability of the Android CAF-release operating system driver, which exists due to errors in memory buffer handling, allows a hacker to trigger a kernel memory leak.

The vulnerability of the Android CAF-release operating system driver is caused by an operation that occurs outside the buffer memory boundaries. Exploiting this vulnerability could potentially allow a remote attacker to cause a kernel memory leak...

Linux Kernel 'drivers/acpi/acpica/nseval.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpinsevaluate' function in the drivers/acpi/acpica/nseval.c file in Linux kernel versions 4.12.9 and earlier, whic...

UBUNTU-CVE-2017-13694

The acpipscompletefinalop function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and nodeext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism ...

DEBIAN-CVE-2017-13695

The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kernel throu...

CVE-2017-13695

The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kernel throu...

UBUNTU-CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...

CVE-2017-13694

CVE-2017-13694 affects the Linux kernel up to 4.12.9. The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c does not flush the node and node_ext caches, enabling a local attacker to trigger a kernel memory disclosure and bypass KASLR via a crafted ACPI table. The issue is mit...

CVE-2017-13694

The acpipscompletefinalop function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and nodeext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism ...

UBUNTU-CVE-2017-13695

The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kernel throu...

PT-2017-13024 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.9 Linux kernel versions prior to 4.9 Description: The issue is related to the acpi ns evaluate function in the Linux kernel, which does not properly flush the operand cache. This can cause a kernel stack...

Google Android Qualcomm component SoC driver information disclosure vulnerability (CNVD-2017-27635)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the Qualcomm SoC driver is one of the Qualcomm system-on-chip drivers. An information disclosure vulnerability exists in the Qualcomm SoC driver in Android. The vulnerability...

Google Android Qualcomm component memory leak vulnerability (CNVD-2017-27633)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA in the U.S. Qualcomm is one of the Qualcomm components used in Qualcomm devices. A security vulnerability exists in the Qualcomm component of Android. An attacker can exploit the...

CVE-2016-10343

In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak...

CVE-2017-8253

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace...

CVE-2017-8269

Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory...

Design/Logic Flaw

Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory...

CVE-2017-8269

Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory...

CVE-2017-8666

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly handle objects in memory, ak...

Virtuozzo 7 : readykernel-patch (VZA-2017-068)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the handling of xfrm Netlink messages. A privileged user inside a container could cause...

Virtuozzo 7 : readykernel-patch (VZA-2017-069)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Integer overflow vulnerability in ip6find1stfragopt function was found. Local attacker that has privileges to open r...