175 matches found
kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...
CVE-2023-0459 Copy_from_user Spectre-V1 Gadget in Linux Kernel
Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...
CVE-2023-0459 Copy_from_user Spectre-V1 Gadget in Linux Kernel
Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...
SUSE CVE-2013-2195
The Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations...
SUSE CVE-2019-9455
In the Android kernel in the video driver there is a kernel pointer leak due to a WARNON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...
kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...
kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...
kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...
CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.15.6)
The version of AOS installed on the remote host is prior to 5.15.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.15.6 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and...
CVE-2022-20064
In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617...
CVE-2022-20064
In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617...
Out-of-bounds
In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617...
CVE-2022-20064
In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617...
CVE-2022-20064
CVE-2022-20064 affects MediaTek’s ccci subsystem, where an incorrect bounds check can leak a kernel pointer. This enables local information disclosure with System execution privileges required, and exploitation does not require user interaction. Technical details across multiple sources confirm t...
PT-2022-14310 · Ccci · Ccci
Name of the Vulnerable Software and Affected Versions: ccci affected versions not specified Description: The issue is related to an incorrect bounds check, which could lead to a leak of kernel pointer. This might result in local information disclosure, requiring System execution privileges for...
多款 MediaTek 产品缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in several MediaTek products, which stems from an incorrect boundary check in ccci, where a kernel pointer may be leaked...
USN-5368-1: Linux kernel vulnerabilities
It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 It was discovered that the network traffic contro...
Exploring a New Class of Kernel Exploit Primitive
The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen whe...
Exploring a New Class of Kernel Exploit Primitive
The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen whe...