Lucene search
K

2417 matches found

Prion
Prion
added 2017/05/12 8:29 p.m.19 views

Race condition

In coreinforead and instinforead in all Android releases from CAF using the Linux kernel, variable "dbgbuf", "dbgbuf-curr" and "dbgbuf-filledsize" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race condition...

6.9CVSS6.6AI score0.00148EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/05/12 8:0 p.m.46 views

CVE-2017-8244

In coreinforead and instinforead in all Android releases from CAF using the Linux kernel, variable "dbgbuf", "dbgbuf-curr" and "dbgbuf-filledsize" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race condition...

7CVSS7.3AI score0.00148EPSS
Exploits0
OSV
OSV
added 2017/01/26 11:34 a.m.1 views

SUSE-SU-2017:0292-1 Security update for dbus-1

This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default...

7.6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2016/10/29 12:0 a.m.12 views

PT-2019-16759 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8 Description: A race condition in the perf event open function allows local attackers to leak sensitive data from setuid programs. This occurs because no relevant locks, specifically the cred guard mutex, are...

9.8CVSS7.2AI score0.15073EPSS
Exploits71References267
Tenable Nessus
Tenable Nessus
added 2016/10/24 12:0 a.m.15 views

openSUSE Security Update : dbus-1 (openSUSE-2016-1206)

This update for dbus-1 to version 1.8.22 fixes several issues. This security issue was fixed : - boo1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. These non-security issues were fixed : - boo978477: Correctly reset timeouts for pending fi...

5.6AI score
Exploits0References3
NVD
NVD
added 2016/04/27 5:59 p.m.17 views

CVE-2016-2546

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...

5.1CVSS5.8AI score0.00337EPSS
Exploits0References20
OSV
OSV
added 2016/04/27 5:59 p.m.1 views

DEBIAN-CVE-2016-2546

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...

5.1CVSS6.9AI score0.00337EPSS
Exploits0References1
Prion
Prion
added 2016/04/27 5:59 p.m.21 views

Race condition

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...

4.7CVSS6.3AI score0.00337EPSS
Exploits0References20Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.23 views

openSUSE Security Update : ghostscript (openSUSE-2016-427)

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...

6.8CVSS7.8AI score0.03748EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/03/25 12:0 a.m.26 views

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2016:0884-1)

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...

6.8CVSS7.8AI score0.03748EPSS
Exploits0References5
OSV
OSV
added 2016/03/24 11:41 a.m.4 views

SUSE-SU-2016:0884-1 Security update for ghostscript

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed: CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact. Also...

6.8CVSS9.3AI score0.03748EPSS
Exploits0References4
0day.today
0day.today
added 2016/03/16 12:0 a.m.482 views

OpenSSH 7.2p1 - Authenticated xauth Command Injection

Exploit for multiple platform in category remote exploits ''' Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115 Version: 0.2 Date: Mar 3rd, 2016 Tag: openssh xauth command injection may lead to forced-command and /bin/false bypass Overview -------- Name: openssh Vendor:...

7.1AI score0.37016EPSS
Exploits13
OSV
OSV
added 2016/02/24 12:0 a.m.5 views

UBUNTU-CVE-2016-2546

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...

5.1CVSS6.7AI score0.00337EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2016/02/19 12:0 a.m.77 views

openSUSE Security Update : glibc (openSUSE-2016-233)

This update for glibc fixes the following issues : - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex boo956716, BZ 17514 - reinitialize-dlloadwritelock.patch: Reinitialize dlloadwritelock on fork boo958315, BZ 19282 - send-dg-buffer-overflow.patch: Fix...

9.8CVSS8.5AI score0.89557EPSS
Exploits18References13
NVD
NVD
added 2015/04/10 2:59 p.m.16 views

CVE-2015-1136

Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex...

6.8CVSS7.2AI score0.04153EPSS
Exploits1References4
CVE
CVE
added 2015/04/10 2:0 p.m.68 views

CVE-2015-1136

CVE-2015-1136 – Apple OS X CoreAnimation UAF flaw : A use-after-free in CoreAnimation (OS X before 10.10.3) allows remote code execution via improper mutex handling. Affected: Apple OS X versions earlier than 10.10.3. Impact per sources: arbitrary code execution and partial information disclosure...

6.8CVSS7.2AI score0.04153EPSS
Exploits1References4Affected Software1
ThreatPost
ThreatPost
added 2015/03/09 2:26 p.m.10 views

New Technique Complicates Mutex Malware Analysis

Malware analysts have had a measure of success using static mutex values as a fingerprint for detecting and blocking malicious code. These values are used in programming to enable software to synchronize communication between multiple threads or processes, or to determine whether another instance...

0.3AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.18 views

SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)

glibc has been updated to fix security issues and bugs : - Fix crashes on invalid input in IBM gconv modules. CVE-2014-6040 / CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Avoid infinite loop in nssdns getnetbyname. CVE-2014-9402 - Don't touch user-controlled stdio locks i...

7.8CVSS7.6AI score0.07834EPSS
Exploits5References12
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.46 views

OracleVM 3.3 : glibc (OVMSA-2014-0017)

The remote OracleVM system is missing necessary patches to address critical security updates : - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, - Don't use alloca in addgetnetgrentX 1087789. - Adjust...

7.5CVSS7.6AI score0.18099EPSS
Exploits6References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase

No description provided by source. I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool is failing,...

7.1AI score
Exploits0
Rows per page
Query Builder