25 matches found
EUVD-2013-3881
Malware in sbrugna...
EUVD-2013-3886
Malware in sbrugna...
CVE-2013-3949
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the...
SUSE SLES12 Security Update : ksh (SUSE-SU-2024:2756-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2756-1 advisory. - CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression (bsc#1160796) Other fixes: ...
SUSE-SU-2024:2756-1 Security update for ksh
This update for ksh fixes the following issues: - CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression (bsc#1160796) Other fixes: - do not use posix_spawn as it lacks proper job handling (bsc#1224057) - fix segfault in variable substitution...
SUSE: Security Advisory (SUSE-SU-2020:3024-1)
The remote host is missing an update for the...
CVE-2020-25533
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...
Race condition
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...
SUSE SLES12 Security Update : glibc (SUSE-SU-2020:3024-1)
This update for glibc fixes the following issues: CVE-2020-10029: Fixed a stack corruption from range reduction of pseudo-zero (bsc#1165784) Use posix_spawn on popen (bsc#1149332, bsc#1176013) Correct locking and cancellation cleanup in syslog functions (bsc#1172085) Fixed concurrent changes on nscd aware...
SUSE SLES12 Security Update : glibc (SUSE-SU-2020:0832-1)
This update for glibc fixes the following issues: CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution (bsc#1167631). CVE-2020-1751...
SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2020:0262-1)
This update for glibc fixes the following issues: Security issue fixed: CVE-2019-19126: Fixed to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition (bsc#1157292). Bug fixes: Fixed z15 s390x strstr implementation that can return incorrect...
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms
posix_spawn is a complex syscall which takes a lot of arguments from userspace. The third argument is a pointer to a further arguments descriptor in userspace with the following structure (on 32-bit): struct user32__posix_spawn_args_desc { uint32_t attr_size; /* size of attributes block */ uint32_t attrp; /...
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms. posix_spawn is a complex syscall which takes a lot of arguments from userspace. The third argument is a pointer to a further arguments descriptor in userspace with the following structu...
Apple macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1104 exec_handle_port_actions is responsible for handling the xnu port actions extension to posix_spawn. It supports 4 different types of port (PSPA_SPECIAL, PSPA_EXCEPTION, PSPA_AU_SESSION and PSPA_IMP_WATCHPORTS). For the special, exception...
Apple macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn
Apple macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1104 exec_handle_port_actions is responsible for handling the xnu port actions extension to posix_spawn. It supports 4 different types of port...
MacOS kernel uaf due to double-release in posix_spawn(CVE-2017-2472)
exec_handle_port_actions is responsible for handling the map port actions extension to posix_spawn. It supports 4 different types of port (PSPA_SPECIAL, PSPA_EXCEPTION, PSPA_AU_SESSION and PSPA_IMP_WATCHPORTS). For the special, exception and audit the ports it tries to update the new task to reflect the port...
macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn Exploit
Exploit for multiple platform in category dos / poc. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1104 exec_handle_port_actions is responsible for handling the xnu port actions extension to posix_spawn. It supports 4 different types of port (PSPA_SPECIAL, PSPA_EXCEPTION,...
CVE-2013-3954
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive...
CVE-2013-3949
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the...
Design/Logic Flaw
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the...