DEBIAN-CVE-2017-7889

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

CVE-2017-7889

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

CVE-2017-7889

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

Juniper Networks Junos OS Buffer Overflow Vulnerability

Junos OS is prone to a buffer overflow vulnerability in the keyboard driver. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

Linux Kernel tty_ioctl Vulnerability

A race condition in the ttyioctl function in drivers/tty/ttyio.c in the Linux kernel may allow local users to obtain sensitive information from kernel memory or cause a denial of service...

CVE-2017-2489

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app...

CVE-2017-2489

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app...

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app...

CVE-2017-2489

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app...

Security update for the Linux Kernel (important)

The openSUSE Leap 42.2 kernel was updated to 4.4.56 fix various security issues and bugs. The following security bugs were fixed: - CVE-2017-7184: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel did not validate certain size data after an XFRMMSGNEWAE update, which...

Virtuozzo 7 : readykernel-patch (VZA-2017-004)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support is vulnerable to an incorrect segment...

kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)

It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNELDS option is set. A local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...

kernel: Use after free in SCSI generic device interface

It was found that the blkrqmapuseriov function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging write...

Google Android kernel ION subsystem boost vulnerability (CNVD-2017-03805)

Android on Nexus 5X is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA for the Nexus 5X smart device. kernel ION is a kernel memory management subsystem. The kernel ION subsystem in Android is vulnerable to a privilege extraction vulnerability. Th...

Vulnerabilities of operating systems such as Mac OS X and iOS, which allow attackers to gain access to protected information

The vulnerability of the IOKit component in Mac OS X and iOS operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, acting locally, to gain access to protected information about the kernel’s memory structure using undefined...

Vulnerabilities of Mac OS X and iOS operating systems, allowing attackers to obtain confidential information

The vulnerability of the IOKit component in Mac OS X and iOS operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the kernel’s memory through a specially create...

The vulnerability of the Mac OS X operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the IOSurface component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an intruder, acting locally, to gain access to protected information about the kernel’s memory layout using uncertain vector...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Mac OS X operating system’s kext tools arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in privileged context or trigger a service failure memory corruption through ...

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to obtain confidential information

The vulnerability of the Kernel component in iOS and Mac OS X operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the kernel’s memory through a specially...