CVE-2022-2402

CVE-2022-2402 involves a kernel stack overflow in the Windows driver dlpfde.sys used by ESET Endpoint Encryption and ESET Full Disk Encryption. A logged-in user can trigger system calls that may overflow the kernel stack, resulting in a system crash (BSOD). Public sources in the connected set ide...

PT-2022-16417 · Unknown · Dlpfde.Sys

Name of the Vulnerable Software and Affected Versions: dlpfde.sys affected versions not specified Description: The issue enables a logged-in user to make system calls, potentially causing a kernel stack overflow. This can result in a system crash, such as a BSOD. Recommendations: At the moment,...

ESET Endpoint Encryption 和 ESET Full Disk Encryption 缓冲区错误漏洞

ESET Endpoint Encryption EEE and ESET Full Disk Encryption EFDE are both products of ESET Slovakia.ESET Endpoint Encryption is a comprehensive security application. Designed to protect your data, both at rest and in transit, ESET Full Disk Encryption is a full disk encryption solution implemented...

CVE-2022-20382

In TBD of TBD, there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-214245176References:...

CVE-2022-20382

In TBD of TBD, there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-214245176References:...

PUB-A-214245176

In TBD of TBD, there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-2402

The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD...

Code injection

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...

CVE-2018-19650

Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

DEBIAN-CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

PT-2017-15012 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.8 Description: The HMAC implementation in the Linux kernel does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker to cause a kernel stack buffer overflow by...

kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash

Linux kernel built with the 802.1Q/802.1ad VLANCONFIGVLAN8021Q OR Virtual eXtensible Local Area NetworkCONFIGVXLAN with Transparent Ethernet BridgingTEB GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could...

kernel: Stack overflow via ecryptfs and /proc/$pid/environ

It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Linux Kernel Econet Privilege Escalation

/ half-nelson.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3848 Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local...

Linux Kernel 2.6.36.2 (Ubuntu 10.04) - Half-Nelson.c Econet Privilege Escalation

Linux Kernel 2.6.36.2 Ubuntu 10.04 - Half-Nelson.c Econet Privilege Escalation / half-nelson.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3848 Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the...

NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow

Solaris USB configuration descriptor kernel stack overflow CVE-2011-2295 25 July 2011 Andy Davis of NGS Secure has discovered a High risk vulnerability in Oracle Solaris. A local attacker can send a malformed USB configuration descriptor via a malicious USB device and trigger a kernel stack...

FreeBSD Kernel nfs_mount() Exploit

Exploit for freebsd platform in category local exploits ================================== FreeBSD Kernel nfsmount Exploit ================================== / nfsmountex.c -- Patroklos Argyroudis, argp at domain census-labs.com Local kernel exploit for FreeBSD 8.0, 7.3 and 7.2. FreeBSD...

CVE-2009-2911

SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...

CVE-2009-2911

SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...