Privilege Escalation

libuv.so is vulnerable to privilege escalation. The vulnerability exists in the uvprocesschildinit function in process.c due to improper configurations of group privilege downgrade which allows an attacker to gain privileges via unspecified vectors...

CVE-2021-39715

In showregs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

Google Android Information Disclosure Vulnerability (CNVD-2022-44600)

Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which stems from the disclosure of log information in showregs in process.c. An attacker could exploit this vulnerability to cause a local information...

PT-2022-10994 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a possible leak of kernel memory and addresses due to log information disclosure in the show regs function of process.c. This could lead to local...

Google Android 日志信息泄露漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which stems from the disclosure of log information in showregs in process.c. An attacker could exploit this vulnerability to cause a local information...

ASB-A-169505740

In speculationctrlupdate of process.c, there is a possible way to disable Speculative Store Bypass Disable due to a logic error, which allows for side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...

CVE-2019-15030

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction via the hardware transactional memory instruction tbegin and then...

CVE-2019-15031

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction via the hardware transactional memory instruction tbegin and then accesses vector registers...

UBUNTU-CVE-2019-15030

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction via the hardware transactional memory instruction tbegin and then...

libuv 'process.c' local elevation of privilege vulnerability

libuv is a web IO library extension for Node.js web application platform. A local elevation of privileges vulnerability exists in libuv. An attacker can exploit this vulnerability to gain elevated privileges or disclose sensitive information...

Null pointer dereference

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

CVE-2010-1635

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

CVE-2004-2536

Summary of CVE-2004-2536 : The Linux kernel 2.6.x releases up to 2.6.5 contain a fault in the exit_thread path (process.c) where per-TSS io_bitmap pointers are not invalidated when a process obtains IO permissions via ioperm and later exits. This can allow other processes to access the per-TSS po...