6605 matches found
DLA-439-1 linux-2.6 - security update
Bulletin has no description...
CVE-2016-2383
The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...
CVE-2015-8575
The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application...
McAfee Total Protection Multiple Vulnerabilities - Windows
McAfee Total Protection is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2015-8772
McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service system crash via a large VERIFYINFORMATION.Length value in an IOCTLDISKVERIFY ioctl call...
Security update for the Linux Kernel (important)
The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc96207...
Apple Mac OSX - gst_configure Kernel Buffer Overflow
Apple Mac OSX - gstconfigure Kernel Buffer Overflow / Source: https://code.google.com/p/google-security-research/issues/detail?id=596 The external method 0x206 of IGAccelGLContext is gstconfigure. This method takes an arbitrary sized input structure passed in rsi but doesn't check the size of tha...
Apple Mac OSX - gst_configure Kernel Buffer Overflow
Exploit for macOS platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=596 The external method 0x206 of IGAccelGLContext is gstconfigure. This method takes an arbitrary sized input structure passed in rsi but doesn't check the size of that...
Apple iOS Kernel Memory Handling Arbitrary Code Execution Vulnerability
Apple iOS is Apple's operating system for several smart devices. A memory corruption vulnerability exists in the Apple iOS kernel processing, allowing a local attacker to execute arbitrary code...
VMware ESXi updates address important guest privilege escalation vulnerability (VMSA-2016-0001)
VMware ESXi updates address important guest privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMware ESXi updates address important guest privilege escalation vulnerability (VMSA-2016-0001) - Remote Version Check
VMware ESXi updates address important guest privilege escalation vulnerability SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
McAfee Application Control swin.sys Memory Corruption (SB10145)
The version of McAfee Application Control is 6.1.0 prior to build 706, 6.1.1 prior to build 404, 6.1.2 prior to build 449, 6.1.3 prior to build 441, or 6.2.0 prior to build 505. It is, therefore, affected by a kernel memory corruption issue in the swin.sys driver when handling a 786 syscall, whic...
FreeBSD -- Linux compatibility layer setgroups(2) system call
Problem Description: A programming error in the Linux compatibility layer setgroups2 system call can lead to an unexpected results, such as overwriting random kernel memory contents. Impact: It is possible for a local attacker to overwrite portions of kernel memory, which may result in a privileg...
CVE-2016-1715
The swin.sys kernel driver in McAfee Application Control MAC 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service memory corruption and system crash or...
McAfee Application Control Kernel Driver Memory Corruption Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of McAfee Application Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2015-8569
The 1 pptpbind and 2 pptpconnect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application...
DEBIAN-CVE-2015-8569
The 1 pptpbind and 2 pptpconnect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application...
DEBIAN-CVE-2015-7885
The dgncmgmtioctl function in drivers/staging/dgnc/dgncmgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...
DEBIAN-CVE-2015-7884
The vividfbioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...
Design/Logic Flaw
The dgncmgmtioctl function in drivers/staging/dgnc/dgncmgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application...