825 matches found
CVE-2016-7383
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer nvlddmkm.sys handler, leading to denial of service or potential escalation of privileges...
Design/Logic Flaw
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer nvlddmkm.sys handler, leading to denial of service or potential escalation of privileges...
NVIDIA Linux GPU Display Driver 304.x < 304.132 / 340.x < 340.98 / 361.93.x < 361.93.03 / 367.x < 367.55 / 370.x < 370.28 Multiple Vulnerabilities
The version of the NVIDIA GPU display driver installed on the remote Linux host is 304.x prior to 304.132, 340.x prior to 340.98, 361.93.x prior to 361.93.03, 367.x prior to 367.55, or 370.x prior to 370.28. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the kernel-mo...
CVE-2016-5195
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write COW feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."...
The Linux kernel through kill to mention the right vulnerability alerts-a vulnerability alert-the black bar safety net
The Linux kernel in the processing memory write copies Copy-on-Write when the existence conditions of competitive vulnerability, the result can be destruction of private read-only memory mapping. A low-privileged local user can exploit this vulnerability to obtain additional read-only memory-mapp...
kernel: mm: privilege escalation via MAP_PRIVATE COW breakage
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on...
MGASA-2016-0347 Updated kernel packages fixes security vulnerabilities
This update is based on the upstream 4.4.26 kernel and fixes at least theese security issues: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only memory mappings. An unprivileged local user could use this flaw to ga...
UBUNTU-CVE-2016-5195
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write COW feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."...
Linux SELinux - W+X Protection Bypass via AIO
Linux SELinux - W+X Protection Bypass via AIO / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=854 SELinux has a set of permissions that can be used to prevent processes from creating executable memory mappings that contain data controlled by the process PROCESSEXECMEM,...
SELinux W+X Protection Bypass via AIO
Exploit for linux platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=854 SELinux has a set of permissions that can be used to prevent processes from creating executable memory mappings that contain data controlled by the process PROCESSEXECMEM,...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
UBUNTU-CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
CVE-2016-4480
CVE-2016-4480 affects Xen 4.6.x and earlier. The vulnerability in arch/x86/mm/guest_walk.c mishandles the PS bit in L3/L4 Page Tables, potentially enabling local guest OS users to gain privileges via a crafted memory mapping. Exploitation is local with low complexity; impact is privilege escalati...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
Microsoft Windows DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Microsoft Windows DirectX graphics kernel subsystem dxgkrnl.sys, which arises from a program that fails to properly handle objects in memory and...
kernel: kvm: reporting emulation failures to userspace
It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...