17 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002321)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002321 advisory. In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. Tenable has...
PT-2019-6820 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.4. Description: A buffer overflow occurs in the Linux kernel, specifically in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which can cause at least memory corruption. Recommendations: For Linux kernel versions...
SSHD-Poison - A Tool To Get Creds Of Pam Based SSHD Authentication
sshd-poison is a tool to get creds of PAM-based sshd authentication. This is not the easiest way to do that (you can create a PAM module, or just add auth optional pam_exec.so quiet expose_authtok /bin/bash -c read,-r,x;echo,-e,"env\n$x"somefile in a service configuration), not even the stealthiest t...
CVE-2015-1800
The samsung_extdisp driver in the Samsung S4 GT-I9500 I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information...
CVE-2015-1801
The CVE-2015-1801 entry concerns the Samsung S4 GT-I9500 with the samsung_extdisp driver (kernel 3.4 and earlier). The root cause is a memory corruption flaw in the samsung_extdisp pathway, enabling a local attacker to cause a denial of service or gain privileges. Connected sources reference the ...
CVE-2015-1800
CVE-2015-1800 affects the Samsung S4 GT-I9500 with kernel 3.4 and earlier, via the samsung_extdisp driver. Multiple connected sources indicate the s3cfb_extdsp_ops.c/samsung_extdisp path could disclose sensitive information to a local attacker, enabling information disclosure without requiring us...
Privilege escalation
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-8451
CVE-2016-8451 is an elevation-of-privilege vulnerability in the Synaptics touchscreen driver that could allow a local malicious app to execute arbitrary code in kernel context on Android. The Synaptics driver is the affected component; root cause is privilege escalation within the driver enabling...
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
Exploit for Android platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description" ...
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description" = %q This module attempts to exploit a debug backdoor...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description" = %q This module attempts to exploit a debug backdoor...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
This module attempts to exploit a debug backdoor privilege escalation in Allwinner SoC based devices. Vulnerable Allwinner SoC chips: H3, A83T or H8 which rely on Kernel 3.4. Vulnerable OS: all OS images available for Orange Pis, any for FriendlyARM's NanoPi M1, SinoVoip's M2+ and M3, Cuebietech'...
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - CONFIG_X86_X32 Arbitrary Write (2)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - CONFIG_X86_X32 Arbitrary Write (2) / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86_X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pa...
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write (2)
/ Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86_X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a kernel address as timeout for recvmmsg, if the...
Linux kernel 3.4+ local root (CONFIG_X86_X32=y)
Exploit for linux platform in category local exploits / recvmmsg.c - linux 3.4+ local root (CONFIG_X86_X32=y) CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org / takes about 13 minutes to run because timeout->tv_sec i...
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat (PoC)
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat (PoC) / PoC trigger for the linux 3.4+ recvmmsg x32 compat bug, based on the manpage https://code.google.com/p/chromium/issues/detail?id=338594 $ while true; do echo $RANDOM /dev/udp/127.0.0.1/1234; sleep 0.25; done / define GNUSOURCE include include...