Lucene search

4285 matches found

Exploit DB
added 2016/12/16 12:00 a.m. · 187 views

Apple macOS 10.12 16A323 XNU Kernel / iOS 10.1.1 - 'set_dp_control_port' Lack of Locking Use-After-Free

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=965 set_dp_control_port is a MIG method on the host_priv_port so this bug is a root-kernel escalation. kern_return_t set_dp_control_port(host_priv_t host_priv, ipc_port_t control_port) { if (host_priv == HOST_PRIV_NULL) return (KERN_INVALID_HOST); if...

7.1 AI score
Exploits: 0
BDU FSTEC
added 2016/11/03 12:00 a.m. · 3 views

The vulnerability of the gr gpio irq_unmap() function in the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s drivers/gpio/gpio-grgpio.ko kernel module relates to mutual locking in the implementation of the gr gpio irq_unmap handler. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting an Aeroflex Gaisler GRGPIO Gener...

5.1 CVSS · 5.5 AI score
Exploits: 0 · References: 3 · Affected Software: 2
BDU FSTEC
added 2016/11/03 12:00 a.m. · 3 views

The vulnerability of the loaded module for kernel drivers/staging/media/lirc/lirc_imon.ko in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the loaded module containing the Linux kernel’s drivers/staging/media/lirc/lirc_imon.ko is related to mutual locking in the implementation of the imon_probe handler. Exploiting this vulnerability allows an attacker to cause a system failure when connecting the SoundGraph iMON...

6.2 CVSS · 5.5 AI score
Exploits: 0 · References: 2 · Affected Software: 2
Tenable Nessus
added 2016/10/24 12:00 a.m. · 13 views

openSUSE Security Update : dbus-1 (openSUSE-2016-1206)

This update for dbus-1 to version 1.8.22 fixes several issues. This security issue was fixed : - boo#1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. These non-security issues were fixed : - boo#978477: Correctly reset timeouts for pending fi...

5.6 AI score
Exploits: 0 · References: 3
OPENSUSE Linux
added 2016/10/14 4:09 p.m. · 35 views

Security update for systemd (important)

This update for systemd fixes the following security issue: - CVE-2016-7796: A zero-length message received over systemd's notification socket could make manager_dispatch_notify_fd return an error and, as a side effect, disable the notification handler completely. As the notification socket is...

4.9 CVSS · 5.6 AI score · 0.00855 EPSS
Exploits: 1 · References: 11
Tenable Nessus
added 2016/10/14 12:00 a.m. · 41 views

openSUSE Security Update : systemd (openSUSE-2016-1184)

This update for systemd fixes the following issues : - CVE-2016-7796: A zero-length message received over systemd's notification socket could make manager_dispatch_notify_fd return an error and, as a side effect, disable the notification handler completely. As the notification socket is...

5.5 CVSS · 6.2 AI score · 0.00855 EPSS
Exploits: 1 · References: 7
Tenable Nessus
added 2016/10/10 12:00 a.m. · 35 views

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2016:2476-1)

This update for systemd fixes the following security issue : - CVE-2016-7796: A zero-length message received over systemd's notification socket could make manager_dispatch_notify_fd return an error and, as a side effect, disable the notification handler completely. As the notification socket is...

5.5 CVSS · 6.3 AI score · 0.00855 EPSS
Exploits: 1 · References: 14
OSV
added 2016/10/07 3:17 p.m. · 7 views

SUSE-SU-2016:2476-1 Security update for systemd

This update for systemd fixes the following security issue: - CVE-2016-7796: A zero-length message received over systemd's notification socket could make manager_dispatch_notify_fd return an error and, as a side effect, disable the notification handler completely. As the notification socket is...

5.5 CVSS · 5.5 AI score · 0.00855 EPSS
Exploits: 1 · References: 13
The Hacker News
added 2016/09/21 2:27 a.m. · 30 views

Warning — You Can't Install Linux On Microsoft Signature Edition PCs from Lenovo

In the past few months, Microsoft opened the source code of a lot of its projects, convincing people that the company loves Linux. But a new report shows that Microsoft is not really a big supporter of Linux. Microsoft has banned Linux on some Windows 10 powered Signature Edition PCs, which provides...

6.6 AI score
Exploits: 0
Kitploit
added 2016/09/15 6:38 p.m. · 24 views

WAS - Automatic USB Drive Malware Scanning Tool For The Security-Minded Person

Author: Fabio Baroni http://www.pentest.guru/ @Fabiothebest89 How many times have you plugged in a USB drive and double clicked on a file without scanning for malware? I guess, MANY. Wait A Sec! Even if you are a security guy, you'll often be in a hurry or absent minded and you trust your USB dri...

7.4 AI score
Exploits: 0 · References: 2
OSV
added 2016/09/11 9:59 p.m. · 1 views

CVE-2016-3898

Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service (loss of locked-screen 911 TTY functionality) via a crafted application that modifies the TTY mode by broadcasting an intent, aka internal bug...

5.5 CVSS · 7.3 AI score
Exploits: 0 · References: 3
Kitploit
added 2016/09/06 2:44 p.m. · 474 views

winfsp - Windows File System Proxy

WinFsp is a set of software components for Windows computers that allows the creation of user mode file systems. In this sense it is similar to FUSE (Filesystem in Userspace), which provides the same functionality on UNIX-like computers. Some of the benefits and features of using WinFsp are listed...

7.2 AI score
Exploits: 0 · References: 3
Tenable Nessus
added 2016/08/22 12:00 a.m. · 35 views

Debian DLA-598-1 : suckless-tools security update

It was discovered that the slock screen locking tool would segfault when the user's account had been disabled. slock called crypt(3) and used the return value for strcmp(3) without checking to see if the return value of crypt(3) was a NULL pointer. If the hash returned by getspnam()->sp_pwdp was invalid,...

7.5 CVSS · 7 AI score · 0.02893 EPSS
Exploits: 0 · References: 3
Lenovo
added 2016/07/22 12:00 a.m. · 0 views

Intel BIOS locking mechanism contains race condition that enables write protection bypass - Lenovo Support US

No description provided...

6.7 AI score
Exploits: 0
Positive Technologies
added 2016/07/22 12:00 a.m. · 2 views

PT-2022-10473 · Caribou +2

Name of the Vulnerable Software and Affected Versions: Caribou (affected versions not specified) Description: A flaw was found in Caribou due to a regression of a previous fix. An attacker could use this flaw to bypass screen-locking applications that leverage Caribou as an input mechanism. The...

7.5 CVSS · 7.2 AI score · 0.01112 EPSS
Exploits: 0 · References: 31
BDU FSTEC
added 2016/07/05 12:00 a.m. · 3 views

The vulnerability of the MySQL database management system allows unauthorized users, after passing authentication, to affect the accessibility of data.

The vulnerability of the Oracle MySQL database management system, related to the MySQL Server component within Oracle MySQL, allows unauthorized users who have passed authentication to affect data accessibility by using the Locking subcomponent...

4 CVSS · 6.3 AI score · 0.0336 EPSS
Exploits: 0 · References: 6 · Affected Software: 1
exploitpack
added 2016/06/10 12:00 a.m. · 15 views

Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2

Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=772 In IOAccelContext2::clientMemoryForType the lock_busy/unlock_busy should be extended to cover all the code setting up shared memory type 2. At the...

7.3 AI score
Exploits: 0
0day.today
added 2016/06/10 12:00 a.m. · 51 views

Apple Mac OSX - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=772 In IOAccelContext2::clientMemoryForType the lock_busy/unlock_busy should be extended to cover all the code setting up shared memory type 2. At the moment the lock doesn't protect...

9.3 CVSS · 8.2 AI score · 0.04789 EPSS
Exploits: 2
Exploit DB
added 2016/06/10 12:00 a.m. · 24 views

Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=772 In IOAccelContext2::clientMemoryForType the lock_busy/unlock_busy should be extended to cover all the code setting up shared memory type 2. At the moment the lock doesn't protect two threads racing where one reaches the release...

7.4 AI score
Exploits: 0
OpenVAS
added 2016/06/03 12:00 a.m. · 36 views

Oracle MySQL Multiple Unspecified Vulnerabilities - 20 (Jun 2016) - Linux

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

4 CVSS · 6.5 AI score · 0.0336 EPSS
Exploits: 0 · References: 5