6606 matches found
Apple macOS Sierra kernel memory corruption elevation of privilege vulnerability
Apple macOS is an operating system that runs on Apple's Macintosh line of computers. A memory corruption elevation of privilege vulnerability exists in the Apple macOS Sierra kernel, which can be exploited by remote attackers to build malicious applications, elevate privileges, and gain access to...
Apple macOS/iOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling
Apple macOS/iOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1140 netagent_ctl_setopt is the setsockopt handler for netagent control sockets. Options of type NETAGENT_OPTION_TYPE_REGISTER...
Apple macOS/iOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1140 netagent_ctl_setopt is the setsockopt handler for netagent control sockets. Options of type NETAGENT_OPTION_TYPE_REGISTER are handled by netagent_handle_register_setopt. Here's the code: static errno_t...
Apple macOS - stackshot Raw Frame Pointers
Apple macOS - stackshot Raw Frame Pointers Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1164 This is an issue that allows unentitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug. By design, the syscall...
Adobe Flash Player vulnerability that allows an attacker to execute arbitrary code
The vulnerability in the AVC kernel of Adobe Flash Player arises from an operation that occurs outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary code through memory corruption...
The vulnerability of the FreeBSD operating system’s kernel allows a hacker to gain privileged access and read a portion of the kernel’s memory.
The vulnerability in the FreeBSD operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to gain privileged access and read part of the kernel’s memory using unspecified vectors...
Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes
Exploit for windows platform in category dos / poc. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe,...
Microsoft Windows 10 Kernel - 'nt!NtTraceControl (EtwpSetProviderTraits)' Pool Memory Disclosure
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1161 We have discovered that the handler of the nt!NtTraceControl system call (specifically the EtwpSetProviderTraitsUm functionality, opcode 0x1E) discloses portions of uninitialized pool memory to user-mode clients on Windows 10...
Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens (lsass.exe, services.exe, ...) has 8 uninitialized bytes at the end, as the size ...
CVE-2017-8244
In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race condition...
NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2017-07442)
NVIDIA Windows GPU Display Driver is a set of graphics processor (GPU) graphics card drivers for Windows from NVIDIA. A security vulnerability exists in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape in the NVIDIA Windows GPU Display Driver due to the program failing to properly valida...
CVE-2017-0345
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape where user provided input used as an array size is not correctly validated allows out of bound access in kernel memory and may lead to denial of service or...
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1007)
According to the version of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting...
Panda Cloud Antivirus Free 18.0 Denial Of Service
Exploit Title: Panda Cloud Antivirus Free - 'PSKMAD.sys' - BSoD - denial of service Date: 2017-04-29 Exploit Author: Peter baris Vendor Homepage: http://www.saptech-erp.com.au Software Link:...
Panda Free Antivirus - 'PSKMAD.sys' Denial of Service
Exploit Title: Panda Cloud Antivirus Free - 'PSKMAD.sys' - BSoD - denial of service Date: 2017-04-29 Exploit Author: Peter baris Vendor Homepage: http://www.saptech-erp.com.au Software Link:...
Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-031)
According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - It was found that keyctl_set_reqkey_keyring function leaked thread keyring which could allow an unprivileged...
Kernel security update: CVE-2017-7472; new kernel 2.6.32-042stab123.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides a new kernel 2.6.32-042stab123.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides a security fix and stability bug fixes. Vulnerability id: CVE-2017-7472 It was found...
CVE-2017-7889
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
Design/Logic Flaw
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...