CVE-2016-5329

VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection SIP is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...

Design/Logic Flaw

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

CVE-2016-9576

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

CVE-2016-9576

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

UBUNTU-CVE-2016-9576

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

Android get_user/put_user Exploit

This Metasploit module exploits a missing check in the getuser and putuser API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commitcreds and...

Multiple Apple Products IOKit Component Memory Leak Vulnerability

Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system; and IOKit is a component that reads system information. A security vulnerability exists in the IOKit component of several Apple...

Apple macOS Sierra IOFireWireFamily Component Information Disclosure Vulnerability

Apple macOS Sierra is a suite of specialized operating systems for Mac computers developed by Apple Inc. in the U.S. IOFireWireFamily is one of the components used to identify input and output devices. A security vulnerability exists in the IOFireWireFamily component in Apple macOS Sierra version...

Multiple Apple Products Kernel Component Information Disclosure Vulnerability

Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; watchOS is a smartwatch operating system. kernel is a kernel component. A security vulnerability exists in the Kernel component of several Apple products. An attacker could exploit...

Ubuntu: Security Advisory (USN-3159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3160-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3160-1 advisory. CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A loc...

USN-3160-1: Linux kernel vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 It was discovered that a race condition existed in the procf...

USN-3160-1 linux vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 It was discovered that a race condition existed in the procf...

USN-3159-2: Linux kernel (OMAP4) vulnerability

It was discovered that a race condition existed in the procfs environread function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information kernel memory...

USN-3159-1: Linux kernel vulnerability

It was discovered that a race condition existed in the procfs environread function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information kernel memory...

Apple macOS Sierra IOKit Component Memory Corruption Vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.IOKit is one of the components that reads system information. A security vulnerability exists in the IOKit component in Apple macOS Sierra versions prior to 10.12.2. An attacker could exploit the vulnerabili...

Apple macOS Sierra IOAcceleratorFamily Component Memory Corruption Vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.IOAcceleratorFamily is one of the IO acceleration management components. A security vulnerability exists in the IOAcceleratorFamily component in Apple macOS Sierra versions prior to 10.12.2. An attacker can...

Apple macOS Sierra IOSurface Component Memory Corruption Vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.IOSurface is one of the programming framework components. A security vulnerability exists in the IOSurface component in Apple macOS Sierra versions prior to 10.12.2. A local attacker could exploit the...

CVE-2016-5829

A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system...

Android get_user/put_user Exploit

This module exploits a missing check in the getuser and putuser API functions in the linux kernel before 3.5.5. The missing checks on these functions allow an unprivileged user to read and write kernel memory. This exploit first reads the kernel memory to identify the commitcreds and ptmxfops...