6605 matches found
FreeBSD -- Incorrect argument handling in sendmsg(2)
Problem Description: Incorrect argument handling in the socket code allows malicious local user to overwrite large portion of the kernel memory. Impact: Malicious local user may crash kernel or execute arbitrary code in the kernel, potentially gaining superuser privileges...
Linux kernel denial of service vulnerability (CNVD-2016-03199)
Linux kernel is an open source operating system. The Linux kernel 'fillv4l2buffer' function fails to properly validate the number of 'planes', allowing a local attacker to exploit this vulnerability to overwrite kernel memory and conduct denial of service attacks...
Microsoft Windows DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Microsoft Windows DirectX graphics kernel subsystem dxgkrnl.sys, which arises from a program that fails to properly handle objects in memory and...
Microsoft Windows HVCI Security Bypass Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in Microsoft Windows 10 Gold and 1511, which stems from a program failing to properly allow certain kernel-mode pages to be marked as Read, Write, and Execute RWX....
Linux kernel restricted use write vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drivers/infiniband stack using the insecure 'write' function to replace the 'bi-directional ioctl '...
DEBIAN-CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
Design/Logic Flaw
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
UBUNTU-CVE-2015-8019
The skbcopyandcsumdatagramiovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service memory corruption or possibly have unspecified other impact via a write system call followed by a recvms...
CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
CVE-2016-2117
CVE-2016-2117 affects the Atheros L2 ethernet driver (atl2) in the Linux kernel up to version 4.5.2. The root cause is incorrect enablement of scatter/gather I/O, which can allow a remote attacker to read packet data and potentially obtain sensitive kernel memory information. Public documents fro...
CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
UBUNTU-CVE-2016-2117
The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...
CVE-2016-2383
The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...
Design/Logic Flaw
The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...
CVE-2016-2383
The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...
Xen has an unspecified vulnerability
Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability exists in Xen that can be exploited by an attacker to obtain sensitive information from uninitialized locations in the host OS kernel memory by not enabli...
CVE-2015-8553
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777...