SUSE-SU-2026:20171-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: - CVE-2025-39963: iouring: fix incorrect iokiocb reference in iolinkskb bsc1251982. - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time bsc1253437....

CVE-2023-54233 ASoC: SOF: avoid a NULL dereference with unsupported widgets

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...

CVE-2023-54233

The CVE-2023-54233 issue affects the Linux kernel ASoC/SOF path, where IPC4 topologies containing an unsupported widget could leave the .module_info field unset, leading to a NULL dereference in sof_ipc4_route_setup() and a kernel Oops. A fix adds a guard to handle such cases. Connected sources c...

AZL-56240 CVE-2024-53161 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of memctrlidx left-shifted 16 bits and OR-ed with DIMM index. With memctrlidx defined as 32-bits wide the left-shift...

kernel: ASoC: SOF: avoid a NULL dereference with unsupported widgets

A NULL pointer dereference was found in the Sound Open Firmware SOF driver. When a topology contains an unsupported widget type, the moduleinfo field is NULL, and dereferencing it during route setup crashes the kernel...

Ps-Tools - An Advanced Process Monitoring Toolkit For Offensive Operations

Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding what is going to be the next step within an operation. Collecting and analysing data of running processes from compromised systems gives us a wealth of information and helps us to...

Debian DSA-3908-1 : nginx - security update

An integer overflow has been found in the HTTP range module of Nginx, a high-performance web and reverse proxy server, which may result in information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

Microsoft Windows - Local Privilege Escalation (MS15-010)

Microsoft Windows - Local Privilege Escalation MS15-010 // ex.cpp / Windows XP/2K3/VISTA/2K8/7 WMSYSTIMER Kernel EoP CVE-2015-0003 March 2015 Public Release: May 24, 2015 Tested on: x86: Win 7 SP1 | Win 2k3 SP2 | Win XP SP3 x64: Win 2k8 SP1 | Win 2k8 R2 SP1 Author: Skylake - skylake mail com /...

BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation

BullGuard Multiple Products - Arbitrary Write Privilege Escalation / Exploit Title - BullGuard Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.bullguard.com/ Tested Version - 14.1.285.4 Driver...

BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation

/ Exploit Title - BullGuard Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.bullguard.com/ Tested Version - 14.1.285.4 Driver Version - 1.0.0.6 - BdAgent.sys Tested on OS - 32bit Windows XP SP3...

Symantec Altiris Agent 6.9 (Build 648) - Local Privilege Escalation

Symantec Altiris Agent 6.9 Build 648 - Local Privilege Escalation / Exploit Title - Symantec Altiris Agent Arbitrary Write Privilege Escalation Date - 01st February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.symantec.com Tested Version - 6.9 Build 648 Driver Version...

DriveCrypt 5.3 - Local Kernel Ring0 SYSTEM

/ drivecrypt-dcr.c Copyright c 2009 by DriveCrypt include include include define DCRIOCTL 0x00073800 static unsigned char win32fixup = "\x89\xe5" "\x81\xc5\xb4\x0c\x00\x00"; / Win2k3 SP1/2 - kernel EPROCESS token switcher by mu-b / static unsigned char win2k3ring0shell = / ring0 /...

ESTsoft ALYac Anti-Virus 1.5 < 5.0.1.2 - Local Privilege Escalation

ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called "AYDrvNTALYAC" , and handles the device io control code = 0x223e2...

Rising AntiVirus 2008/2009/2010 Local Privilege Escalation Exploit

RsNtGdi.sys not verify the Irp-UserBuffer address. Exploit code will restore all of the kernel SSDT hook Rising AntiVirus 2008 / 2009 / 2010 none include "stdafx.h" include "windows.h" enum SystemModuleInformation = 11 ; typedef struct ULONG Unknown1; ULONG Unknown2; PVOID Base; ULONG Size; ULONG...