CVE-2015-5863
CVE-2015-5863 refers to a memory initialization issue in IOStorageFamily that could allow a local attacker to read kernel memory. The vulnerability is cited in Apple advisories covering OS X El Capitan 10.11 as well as related iOS subsystems, indicating a kernel-level memory disclosure risk via I...
CVE-2015-5863
IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors...
kernel: ASLR bruteforce possible for vdso library
An information leak flaw was found in the way the Linux kernel's Virtual Dynamic Shared Object (vDSO) implementation performed address randomization. A local, unprivileged user could use this flaw to leak kernel memory addresses to user-space...
Microsoft Windows CDD Font Parsing Kernel Memory Corruption
Talos Vulnerability Report TALOS-2015-0007: Microsoft Windows CDD Font Parsing Kernel Memory Corruption. September 15, 2015. CVE Number: CVE-2015-2506. Description: An exploitable kernel memory corruption vulnerability exists in Microsoft Windows. A specially crafted font file can cause the Microsoft...
MGASA-2015-0337 Updated openafs package fixes security vulnerabilities
Updated openafs packages fix security vulnerabilities: Memory allocated by vos for VLDB entry structures was not cleared prior to use, meaning stack data could be sent over the network, possibly in the clear if crypt mode was not in use (CVE-2015-3282). The default use by bos of clear rather than...
Updated openafs package fixes security vulnerabilities
Updated openafs packages fix security vulnerabilities: Memory allocated by vos for VLDB entry structures was not cleared prior to use, meaning stack data could be sent over the network, possibly in the clear if crypt mode was not in use (CVE-2015-3282). The default use by bos of clear rather than...
Fortinet FortiClient Driver File Disclosure Vulnerability
Fortinet FortiClient is a Fortinet endpoint security solution that provides end users with anti-virus, encryption and other services. A driver file disclosure vulnerability exists in Fortinet FortiClient versions prior to 5.2.4, which allows local users to read arbitrary kernel memory via a...
Design/Logic Flaw
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call...
CVE-2015-4077
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call...
CVE-2015-4077
Fortinet FortiClient 5.2.x affected drivers mdare64_48.sys, mdare32_48.sys, mdare32_52.sys, and mdare64_52.sys. CVE-2015-4077 describes a local privilege escalation: IOCTL 0x22608C allows reading arbitrary kernel memory, enabling local users to read kernel contents. Fortinet fixed the issue in Fo...
UBUNTU-CVE-2015-5697
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call...
Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table Exploit
Exploit for Windows platform in category dos / poc. Source: https://code.google.com/p/google-security-research/issues/detail?id=386&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files, such as: ---...
Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table Exploit
Exploit for Windows platform in category dos / poc. Source: https://code.google.com/p/google-security-research/issues/detail?id=392&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files, such as: ---...
Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table
Source: https://code.google.com/p/google-security-research/issues/detail?id=386&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files, such as: --- DRIVER_PAGE_FAULT_IN_FREED_SPECIAL_POOL (d5) Memory was referenced after it...
Apple OS X Bluetooth Kernel Memory Layout Disclosure Vulnerability
Apple OS X is a BSD-based operating system distributed by Apple. A security vulnerability in the Apple OS X Bluetooth module allows attackers to exploit the vulnerability to obtain kernel memory information...
CVE-2015-5768
AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app...
Memory corruption
AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app...