6606 matches found

0day.today
added 2017/01/07 12:0 a.m. · 49 views

Google Android max86902 Driver - sysfs Interfaces Race Condition Vulnerability

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=963 The MAX86902 sensor has a driver that exposes several interfaces through which the device may be configured. In addition to exposing a character device, it also exposes several...

7 AI score
Exploits 0

Prion
added 2017/01/06 10:59 p.m. · 12 views

Code injection

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client SDC servers...

4.6 CVSS · 7.6 AI score · 0.00389 EPSS
Exploits 0 · References 2 · Affected Software 1

NVD
added 2017/01/06 10:59 p.m. · 14 views

CVE-2016-9867

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client SDC servers...

8.8 CVSS · 8.7 AI score · 0.00389 EPSS
Exploits 0 · References 2

OSV
added 2017/01/06 10:59 p.m. · 3 views

CVE-2016-9867

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client SDC servers...

8.8 CVSS · 6.1 AI score
Exploits 0 · References 2

OSV
added 2017/01/06 9:59 p.m. · 1 views

CVE-2016-4306

Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...

5.5 CVSS · 5.8 AI score · 0.00665 EPSS
Exploits 2 · References 4

NVD
added 2017/01/06 9:59 p.m. · 19 views

CVE-2016-4306

Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...

5.5 CVSS · 5.1 AI score · 0.00665 EPSS
Exploits 2 · References 4

ATTACKERKB
added 2017/01/06 9:59 p.m. · 3 views

CVE-2016-4306

Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...

5.5 CVSS · 5.5 AI score · 0.00665 EPSS
Exploits 2 · References 5 · Affected Software 1

Prion
added 2017/01/06 9:59 p.m. · 16 views

Design/Logic Flaw

Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...

2.1 CVSS · 6.4 AI score · 0.00665 EPSS
Exploits 2 · References 4 · Affected Software 1

Cvelist
added 2017/01/06 9:0 p.m. · 25 views

CVE-2016-4306

Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...

5 AI score · 0.00665 EPSS
Exploits 2 · References 3

CVE
added 2017/01/06 9:0 p.m. · 60 views

CVE-2016-4306

CVE-2016-4306 : A set of local kernel information-leak vulnerabilities in Kaspersky Internet Security/KLDISK driver IOCTL handlers allow an unprivileged user to trigger leakage of kernel memory tokens and addresses. The Seebug PoC and OpenVAS entries confirm multiple kernel memory disclosures via...

5.5 CVSS · 5 AI score · 0.00665 EPSS
Exploits 2 · References 4 · Affected Software 1

exploitpack
added 2017/01/06 12:0 a.m. · 29 views

Google Android max86902 Driver - sysfs Interfaces Race Condition

Google Android max86902 Driver - sysfs Interfaces Race Condition Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=963 The MAX86902 sensor has a driver that exposes several interfaces through which the device may be configured. In addition to exposing a character device, it also...

0.7 AI score
Exploits 0

Exploit DB
added 2017/01/06 12:0 a.m. · 59 views

Google Android max86902 Driver - 'sysfs' Interfaces Race Condition

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=963 The MAX86902 sensor has a driver that exposes several interfaces through which the device may be configured. In addition to exposing a character device, it also exposes several entries under sysfs. Some of these entries are...

7 AI score
Exploits 0

RedhatCVE
added 2017/01/05 11:17 a.m. · 29 views

CVE-2016-9754

An integer overflow vulnerability was found in the ring_buffer_resize calculations in which a privileged user can adjust the size of the ringbuffer message size. These calculations can create an issue where the kernel memory allocator will not allocate the correct count of pages yet expect them to ...

7.8 CVSS · 7.6 AI score · 0.00532 EPSS
Exploits 1 · References 1

NVD
added 2016/12/30 6:59 p.m. · 21 views

CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a...

7 CVSS · 7.2 AI score · 0.00372 EPSS
Exploits 0 · References 9

Prion
added 2016/12/30 6:59 p.m. · 36 views

Code injection

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a...

6.9 CVSS · 7.4 AI score · 0.00437 EPSS
Exploits 0 · References 9 · Affected Software 1

OSV
added 2016/12/30 6:59 p.m. · 0 views

DEBIAN-CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a...

7 CVSS · 7.4 AI score · 0.00372 EPSS
Exploits 0 · References 1

Debian CVE
added 2016/12/30 6:0 p.m. · 35 views

CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a...

7 CVSS · 7 AI score · 0.00372 EPSS
Exploits 0

Positive Technologies
added 2016/12/30 12:0 a.m. · 9 views

PT-2016-4575 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.9. Description: The sg implementation in the Linux kernel does not properly restrict write operations in situations where the KERNEL_DS option is set, allowing local users to read or write to arbitrary kernel...

10 CVSS · 7.5 AI score · 0.80855 EPSS
Exploits 89 · References 623

OSV
added 2016/12/30 12:0 a.m. · 2 views

UBUNTU-CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a...

7 CVSS · 6.8 AI score · 0.00372 EPSS
Exploits 0 · References 10

NVD
added 2016/12/29 9:59 a.m. · 19 views

CVE-2016-5329

VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...

5.5 CVSS · 5.3 AI score · 0.00327 EPSS
Exploits 0 · References 3