CVE-2024-35250

CVE-2024-35250 is a Windows kernel‑mode driver LPE in ks.sys (Kernel Streaming core) caused by an untrusted pointer dereference. PoCs and exploits exist (e.g., PoCs on GitHub; KS driver) with active demonstrations, and exploitation has been observed in public material. Microsoft addressed the iss...

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

...

PT-2024-4291 · Microsoft · Windows Kernel-Mode Driver +2

Name of the Vulnerable Software and Affected Versions: Windows Kernel-Mode Driver affected versions not specified Description: The issue is related to an untrusted pointer dereference weakness in the Microsoft Kernel Streaming Service MSKSSRV.SYS, allowing local attackers to gain SYSTEM privilege...

Microsoft Windows Kernel Mode Drivers Security Vulnerability

Microsoft Windows Kernel Mode Drivers is a Windows kernel mode driver from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel Mode Drivers. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Windo...

PT-2024-4289 · Microsoft · Windows Kernel-Mode Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Kernel-Mode Driver affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource, which can allow an attacker to elevate their privileges. This is a local privilege...

Microsoft Windows Kernel-Mode Drivers Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel-Mode Drivers. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 18...

KLA68914 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in DNS...

SUSE CVE-2021-47534

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drmcrtccommitput Commit 9ec03d7f1ed3 "drm/vc4: kms: Wait on previous FIFO users before a commit" introduced a global state for the HVS, with each FIFO storing the current CRTC commit so that we can...

CVE-2021-47563

A vulnerability was found in the Linux kernel's ice driver, where the addpbleprm function improperly manages the reference counting of the bpfprog object. This issue occurs during the VSI rebuild process, causing a reference count underflow when an old program is mistakenly decremented while stil...

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...

CVE-2021-47563

In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpfprog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndobpf op and VSI rebuild flow. The latter takes place for example when user changes queue count on an interface...

CVE-2021-47557

In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't peek at classes beyond 'nbands' when the number of DRR classes decreases, the round-robin active list can contain elements that have already been freed in etsqdiscchange. As a consequence, it's possible t...

CVE-2021-47563

In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpfprog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndobpf op and VSI rebuild flow. The latter takes place for example when user changes queue count on an interface...

CVE-2021-47572 net: nexthop: fix null pointer dereference when IPv6 is not enabled

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...

CVE-2021-47463 mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem()

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping before dereferencing the mapping in pageissecretmem, as the page's mapping can be nullified while gup is running, e.g. by reclaim or...

CVE-2021-47463 mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem()

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping before dereferencing the mapping in pageissecretmem, as the page's mapping can be nullified while gup is running, e.g. by reclaim or...

CVE-2021-47463

CVE-2021-47463 concerns a Linux kernel NULL pointer dereference in mm/secretmem during GUP operations. The issue arises from dereferencing page->mapping without ensuring it is non-NULL as a page mapping can be nulled while gup() runs (e.g., by reclaim or truncation). A fix was implemented to ...

CVE-2023-52817 drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...

CVE-2023-52817 drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...

CVE-2021-47375

In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...