367 matches found
Time Travel Debugging: finding Windows GDI flaws
Introduction Microsoft Patches for October 2018 included a total of 49 security patches. There were many interesting ones including kernel privilege escalation as well as critical ones which could lead to remote code execution such as the MSXML one. In this post we will be analysing a case of a W...
Integer overflow
An integer overflow flaw was found in the Linux kernel's create_elf_tables function. An unprivileged local user with access to a SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable...
Trend Micro OfficeScan Refresh Vulnerability
Trend Micro OfficeScan is a suite of distributed anti-virus software from Trend Micro. A security vulnerability exists in Trend Micro OfficeScan version 11.0 SP1 and XG. The vulnerability is due to a lack of proper validation of the length of user-supplied data before that length is used to...
Apple macOS High Sierra memory corruption vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers. IOGraphics is one of the input and output graphics components. A security vulnerability exists in the IOGraphics component in Apple macOS High Sierra versions prior to 10.13.5. The vulnerability can be...
Linux Kernel 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation
Linux Kernel 4.4.0-116 Ubuntu 16.04.4 - Local Privilege Escalation / Ubuntu 16.04.4 kernel priv esc all credits to @bleidl - vnik / // Tested on: // 4.4.0-116-generic 140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64 // if different kernel adjust CRED offset + check kernel stack size include...
SUSE-SU-2018:0115-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bug fixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / 'SpectreAttack': Local...
CVE-2017-5708
Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector...
CVE-2017-5709
Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allow an unauthorized process to access privileged content via an unspecified vector...
17-Year-Old MS Office Flaw Lets Hackers Install Malware Without User Interaction
You should be extra careful when opening files in MS Office. When the world is still dealing with the threat of 'unpatched' Microsoft Office's built-in DDE feature, researchers have uncovered a serious issue with another Office component that could allow attackers to remotely install malware on...
Linux Kernel 4.14.0-rc4+ - 'waitid()' Local Privilege Escalation
#define _GNU_SOURCE include include include include include include include struct cred; struct task_struct; typedef struct cred prepare_kernel_cred_t struct task_struct daemon __attribute__((regparm(3))); typedef int commit_creds_t struct cred new __attribute__((regparm(3))); prepare_kernel_cred_t prepare_kernel_cred; commit_creds...
Yet Another Linux Kernel Privilege-Escalation Bug Discovered
Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab Active-Defense Lab researchers, the Linux kernel vulnerability...
Apple macOS High Sierra IOFireWireFamily Memory Corruption Vulnerability
Apple macOS High Sierra is a suite of Apple's proprietary operating systems developed specifically for Mac computers. IOFireWireFamily is one of the FireWire interface drivers. A memory corruption vulnerability exists in the IOFireWireFamily component of Apple macOS High Sierra versions prior to...
CVE-2017-14075
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...
CVE-2017-0787
An elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. References: B-V2017053104...
CVE-2017-12146
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides...
Apple iOS < 10.3.3 Multiple Vulnerabilities
Binary data appleios1033check.nbin...
About the security content of watchOS 3.2.3 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14393)
Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...
Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14388)
Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...
Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14389)
Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...