CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability...

Trend Micro Maximum Security tmusa Kernel Driver Untrusted Pointer Dereference Denial of Service Vulnerability

This vulnerability allows local attackers to deny service on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...

Vulnerability of Windows operating system kernel drivers, which allows attackers to increase their privileges

The vulnerability of Windows operating system kernel drivers is related to incorrect handling of objects in memory by the kernel-level driver. Exploiting this vulnerability can allow a local attacker to enhance their privileges through a specially created application...

Check Point ZoneAlarm Extreme Security vsdatant Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

SMB Exploited: WannaCry Use of EternalBlue

Server Message Block SMB is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services. SMB operates over TCP ports 139 and 445. In April 2017, Shadow Brokers released an SMB vulnerability named...

The vulnerability of the kernel file system driver of the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the kernel file system driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the kernel level from a remote location. This issue is considered “critical” due to...

The vulnerability of the Qualcomm Power operating system’s kernel driver allows a hacker to execute arbitrary code.

The vulnerability of the Qualcomm Power operating system’s kernel driver is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code within the kernel context, through a local malicious application...

Avast Free Antivirus aswSnx Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows attackers to elevate their privileges on vulnerable installations of Avast Free Antivirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the 0x82ac0170 IOCTL by the aswSnx driver in the kernel. An address pass...

VulnCheck KEV: CVE-2017-0263

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory...

kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

CVE-2017-0189

An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode, aka "Win32k Elevation of Privilege Vulnerability." This C...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to enhance their privileges through a specially created application...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating locally, to enhance their privileges through a specially crafted application...

SUSE SLES11 Security Update : kernel (SUSE-SU-2017:0912-1)

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following security bug : - CVE-2017-2636: A race condition in the nhdlc tty Linux kernel driver drivers/tty/nhdlc.c could have been exploited to gain a local privilege escalation bnc1027565 Note that Tenable Network Security has...

Integer overflow

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

CVE-2017-6952

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

CVE-2017-6952

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

PYSEC-2017-113

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...