Issue in balance update in setCap

Handle 0xsanson Vulnerability details Impact During Controller.setCap we change vaultDetailsvault.balance to vaultDetailsvault.balance.subbalance. This is wrong, and the correct value should be vaultDetailsvault.balance.subdiff, because diff is the value withdrawn from the strategy. High risk...

Updated glib2.0 packages fix security vulnerabilities

Fix various instances within GLib where gmemdup was vulnerable to a silent integer truncation and heap overflow problem discovered by Kevin Backhouse, work by Philip Withnall 2319 Fix some issues with handling over-long invalid input when parsing for GDate !1824 Don't load GIO modules or parse...

Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' / 'SO_RCVBUFFORCE' Local Privilege Escalation

// CAPNETADMIN - root LPE exploit for CVE-2016-9793 // No KASLR, SMEP or SMAP bypass included // Affected kernels: 3.11 - 4.8 // Tested in QEMU only // https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793 // // Usage: // gcc -pthread exploit.c -o exploit // chown guest:guest exploit...

CVE-2000-0506

The CVE refers to the Linux kernel capabilities feature prior to 2.2.16. Local users can cause a denial of service or gain privileges by manipulating capabilities to prevent a setuid program from dropping privileges. The provided documents do not include exploit details or a specified fix/patch i...