iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd Exploit

mediaserverd has various media parsing responsibilities; its reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is com.apple.audio.AudioFileServer, a fairly simple XPC service which will parse...

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd mediaserverd has various media parsing responsibilities; its reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is...

Debian DLA-1993-1 : mesa security update

Tim Brown discovered a shared memory permissions vulnerability in the Mesa 3D graphics library. Some Mesa X11 drivers use shared-memory XImages to implement back buffers for improved performance, but Mesa creates shared memory regions with permission mode 0777. An attacker can access the shared...

[SECURITY] [DLA 1993-1] mesa security update

Package : mesa Version : 10.3.2-1+deb8u2 CVE ID : CVE-2019-5068 Debian Bug : 944298 Tim Brown discovered a shared memory permissions vulnerability in the Mesa 3D graphics library. Some Mesa X11 drivers use shared-memory XImages to implement back buffers for improved performance, but Mesa creates...

[SECURITY] Fedora 30 Update: aspell-0.60.8-1.fc30

GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Its main feature is that it does a much better job of coming up with possible suggestions than just about any other spell checker out there for the English...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

DEBIAN-CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

Code injection

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

UBUNTU-CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

CVE-2019-5068 affects X11 Mesa 3D Graphics Library, specifically version 19.1.2, with an exploitable shared memory permissions vulnerability that allows an attacker to access shared memory locally. The issue is addressed in vendor advisories (e.g., SUSE-SU-2021:3117-1) and OSV entries indicating ...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

X11 Mesa 3D Graphics Library Shared Memory Privilege Vulnerability

X11 Mesa 3D Graphics Library is a 3D graphics library. A shared memory privilege vulnerability exists in X11 Mesa 3D Graphics Library, which can be exploited by an attacker to access shared memory...

X11 Mesa 3D Graphics Library shared memory permissions vulnerability

Summary An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. Tested Versions Mesa 3D X11 Graphics library 19.1.2 Product URLs...

Kernel: page cache side channel attacks

A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be us...

Security Bulletin: IBM MQ and IBM MQ Appliance Shared memory leak caused by MQ applications using dynamic queues. (CVE-2017-1283)

Summary Shared memory leak caused by MQ applications using dynamic queues. Vulnerability Details CVEID: CVE-2017-1283 DESCRIPTION: IBM WebSphere MQ could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for othe...

Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2019-27321)

Qualcomm MDM9607 and others are products of Qualcomm Incorporated.MDM9607 is a central processing unit CPU product.MDM9650 is a central processing unit CPU product.SDX20 is a modem. A buffer overflow vulnerability exists in Video Firmware in multiple Qualcomm products, which originates when a...