CVE-2024-38252

Technical details about CVE-2024-38252 are not publicly provided in the supplied documents. The records reference a Windows kernel privilege-elevation issue but do not disclose affected components, root cause, or fixes. Monitor for updates.

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

Microsoft Win32k 安全漏洞

Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32k. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Windows 11 version 21H2 for x64-based...

Microsoft Win32k 安全漏洞

Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32k. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are affected: Windows Server 2022,Windows Server 2022...

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability

Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month...

CVE-2024-30086

Technical details about CVE-2024-30086 (affected component, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from Microsoft and official CVE disclosures.

Microsoft Win32 Kernel Subsystem Resource Management Error Vulnerability

Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. A resource management error vulnerability exists in the Microsoft Win32 Kernel Subsystem. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are...

CVE-2024-30049

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability...

CVE-2024-30049

CVE-2024-30049 is a Windows Win32 Kernel Subsystem elevation-of-privilege vulnerability affecting the Win32K component. Public details in connected sources indicate the issue enables elevated privileges with local access (CVSSv3.1: AV=L/AC=L/PR=L/UI=N/S=U/C=H/I=H/A=H; base score 7.8), and multipl...

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

KLA67433 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...

kernel: bpf: Disable preemption in bpf_perf_event_output

A flaw was found in the Linux kernel's BPF subsystem. The bpfperfeventoutput function relies on disabled preemption for nesting protection, but when called from uprobes context via bpfprogrunarraysleepable, preemption remains enabled. This allows task preemption during protected sections, leading...

CVE-2024-26792 btrfs: fix double free of anonymous device after snapshot creation failure

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second free may result in...

PT-2023-1007 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a memory access check in the wrong place in multiple functions of mem protect.c, which could lead to local escalation of privilege with System execution...

CVE-2023-22436

The kernel subsystem function checkpermissionforsettokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root...

CVE-2023-22301

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

Memory corruption

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

CVE-2023-22301 The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

CVE-2023-22301 The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

Stack overflow

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernelliteosa has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked...