2417 matches found
Race condition
In coreinforead and instinforead in all Android releases from CAF using the Linux kernel, variable "dbgbuf", "dbgbuf-curr" and "dbgbuf-filledsize" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race condition...
CVE-2017-8244
In coreinforead and instinforead in all Android releases from CAF using the Linux kernel, variable "dbgbuf", "dbgbuf-curr" and "dbgbuf-filledsize" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race condition...
SUSE-SU-2017:0292-1 Security update for dbus-1
This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default...
PT-2019-16759 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8 Description: A race condition in the perf event open function allows local attackers to leak sensitive data from setuid programs. This occurs because no relevant locks, specifically the cred guard mutex, are...
openSUSE Security Update : dbus-1 (openSUSE-2016-1206)
This update for dbus-1 to version 1.8.22 fixes several issues. This security issue was fixed : - boo1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. These non-security issues were fixed : - boo978477: Correctly reset timeouts for pending fi...
CVE-2016-2546
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
DEBIAN-CVE-2016-2546
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
Race condition
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
openSUSE Security Update : ghostscript (openSUSE-2016-427)
ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2016:0884-1)
ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...
SUSE-SU-2016:0884-1 Security update for ghostscript
ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed: CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact. Also...
OpenSSH 7.2p1 - Authenticated xauth Command Injection
Exploit for multiple platform in category remote exploits ''' Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115 Version: 0.2 Date: Mar 3rd, 2016 Tag: openssh xauth command injection may lead to forced-command and /bin/false bypass Overview -------- Name: openssh Vendor:...
UBUNTU-CVE-2016-2546
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
openSUSE Security Update : glibc (openSUSE-2016-233)
This update for glibc fixes the following issues : - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex boo956716, BZ 17514 - reinitialize-dlloadwritelock.patch: Reinitialize dlloadwritelock on fork boo958315, BZ 19282 - send-dg-buffer-overflow.patch: Fix...
CVE-2015-1136
Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex...
CVE-2015-1136
CVE-2015-1136 – Apple OS X CoreAnimation UAF flaw : A use-after-free in CoreAnimation (OS X before 10.10.3) allows remote code execution via improper mutex handling. Affected: Apple OS X versions earlier than 10.10.3. Impact per sources: arbitrary code execution and partial information disclosure...
New Technique Complicates Mutex Malware Analysis
Malware analysts have had a measure of success using static mutex values as a fingerprint for detecting and blocking malicious code. These values are used in programming to enable software to synchronize communication between multiple threads or processes, or to determine whether another instance...
SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)
glibc has been updated to fix security issues and bugs : - Fix crashes on invalid input in IBM gconv modules. CVE-2014-6040 / CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Avoid infinite loop in nssdns getnetbyname. CVE-2014-9402 - Don't touch user-controlled stdio locks i...
OracleVM 3.3 : glibc (OVMSA-2014-0017)
The remote OracleVM system is missing necessary patches to address critical security updates : - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, - Don't use alloca in addgetnetgrentX 1087789. - Adjust...
win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
No description provided by source. I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool is failing,...