CVE-2016-8456

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

MS16-008: Description of the security update for Windows Kernel: January 12, 2016

MS16-008: Description of the security update for Windows Kernel: January 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted applicatio...

Cumulative Update for Windows 10 Version 1511: January 12, 2016

Cumulative Update for Windows 10 Version 1511: January 12, 2016 Summary This security update for Windows 10 Version 1511 includes improvements in the functionality of Windows 10 Version 1511 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security update for Windows kerne...

Cumulative update for Windows 10: September 20, 2016

Cumulative update for Windows 10: September 20, 2016 Summary We encountered a network transmission issue that affected update 3185611, published on September 13, 2016. The quickest way to address this issue was to reissue the update to all Content Delivery Networks. This new update package,...

SUSE-SU-2016:3206-1 Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

This update for the Linux Kernel 4.4.21-81 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the afpacket packetsetring function could be used by local attackers to crash the kernel or gain privileges bsc1012759. - CVE-2016-9555: The sctpsfootb...

SUSE-SU-2016:3146-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604. -...

Amazon Linux AMI : kernel (ALAS-2016-772)

CVE-2016-8645 kernel: a BUG statement can be hit in net/ipv4/tcpinput.c It was discovered that the Linux kernel since 3.6-rc1 with net.ipv4.tcpfastopen; set to 1 can hit BUG statement in tcpcollapse function after making a number of certain syscalls leading to a possible system crash. CVE-2016-86...

CVE-2015-8970

crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is processed, which allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted applicatio...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:2912-1)

The SUSE Linux Enterprise 12 kernel was updated to 3.12.67 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-7042: The prockeysshow function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowe...

RedHat Update for kernel RHSA-2016:2766-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2016-7910

Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed...

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5 Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=944 The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks: ... if gsavedsize escape-size = gsavedsize; if unsigned intgsavedsize 0 do v5 = v2++; escape-datav5 = globalarrayv5...

NVIDIA Driver - No Bounds Checking in Escape 0x7000170 Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=936 The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writing...

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=944 The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks: ... if gsavedsize escape-size = gsavedsize; if unsigned intgsavedsize 0 do v5 = v2++; escape-datav5 =...

NVIDIA Driver - No Bounds Checking in Escape 0x7000170

NVIDIA Driver - No Bounds Checking in Escape 0x7000170 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=936 The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writin...

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=944 The DxgkDdiEscape handler for 0x70000d5 lacks bounds checks: ... if gsavedsize escape-size = gsavedsize; if unsigned intgsavedsize 0 do v5 = v2++; escape-datav5 = globalarrayv5 + 77; while v2 size 0 do ii = i++; globalarrayii +...

NVIDIA Driver - No Bounds Checking in Escape 0x7000170

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=936 The DxgkDdiEscape handler for 0x7000170 lacks proper bounds checks for the variable size input escape data, and relies on a user provided size as the upper bound for writing output. Crashing context with PoC Win 10 x64 with...

SUSE-SU-2016:2637-1 Security update for Linux Kernel Live Patch 6 for SLE 12 SP1

This update for the Linux Kernel 3.12.59-6045 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...

SUSE-SU-2016:2634-1 Security update for Linux Kernel Live Patch 3 for SLE 12 SP1

This update for the Linux Kernel 3.12.53-6030 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...