FreeBSD Jails Shared Memory Handling Local Security Bypass Vulnerability
FreeBSD is a type of UNIX operating system, an important branch of Unix that evolved from BSD, 386BSD and 4.4BSD. FreeBSD suffers from a local security bypass vulnerability that can be exploited by an attacker to bypass certain security restrictions and perform unauthorized operations. This may...
EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1138)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is...
tigervnc and fltk security, bug fix, and enhancement update
fltk 1.3.4-1 - Re-base to 1.3.4 + sync with Fedora tigervnc 1.8.0-1 - Update to 1.8.0 Resolves: bz1388620 1.7.90-2 - Make RandR callbacks optional Resolves: bz1444948 1.7.90-1 - Update to 1.7.90 Resolves: bz1388620 1.7.1-3 - Delete underlying ssecurity in SSecurityVeNCrypt CVE-2017-7392 Resolves...
iOS / macOS - xpc_data Objects Sandbox Escape Privilege Escalation Exploit
Exploit for multiple platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1247 When XPC serializes large xpc_data objects it creates mach memory entry ports to represent the memory region then transfers that region to the receiving process by sendin...
[SECURITY] Fedora 24 Update: libdb-5.3.28-24.fc24
The Berkeley Database (Berkeley DB) is a programmatic toolkit that provides embedded database support for both traditional and client/server applications. The Berkeley DB includes B+tree, Extended Linear Hashing, Fixed and Variable-length record access methods, transactions, locking, logging, share...
Analysis of the Firefox shared array buffer UAF exploit - vulnerability warning - the black bar safety net
This article explores a reference leak that occurs when the structured cloning algorithm handles a shared array buffer. Because of the lack of overflow checking, it can be exploited to execute arbitrary code. The article is divided into the following sections: background, vulnerability, summary. We exploit...
Google Android Qualcomm Shared Memory Driver Elevation of Privilege Vulnerability
Google Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance (OHA), and the Qualcomm Shared Memory Driver is a Qualcomm-developed shared memory driver that is used in the... The Qualcomm Shared Memory Driver is a Qualcomm-developed shared memory...
BSA-2017-275
Security Advisory ID : BSA-2017-275 Component : OpenSSH Revision : 2.0: Final The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges ...
CVE-2016-10296
An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-10290
An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-10290
CVE-2016-10290 is an elevation-of-privilege issue in the Qualcomm Shared Memory Driver used on Android. The vulnerability could allow a local malicious application to execute arbitrary code in the kernel context by exploiting the shared memory driver. The entry specifies that exploitation is loca...
DEBIAN-CVE-2016-10121
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges...
UBUNTU-CVE-2016-10121
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges...
Apple macOS / IOS 10.12.2(16C67) - mach_msg Heap Overflow Exploit
Exploit for multiple platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1083 When sending ool memory via |mach_msg| with |deallocate| flag or |MACH_MSG_VIRTUAL_COPY| flag, |mach_msg| performs moving the memory to the destination process instead of copyin...
Apple macOS/IOS 10.12.2 (16C67) - mach_msg Heap Overflow
Apple macOS/IOS 10.12.2 (16C67) - mach_msg Heap Overflow / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1083 When sending ool memory via |mach_msg| with |deallocate| flag or |MACH_MSG_VIRTUAL_COPY| flag, |mach_msg| performs moving the memory to the destination process instead of copyi...
Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1083 When sending ool memory via |mach_msg| with |deallocate| flag or |MACH_MSG_VIRTUAL_COPY| flag, |mach_msg| performs moving the memory to the destination process instead of copying it. But it doesn't consider the memory entry objec...
Apache 2.2 - Scoreboard Invalid Free On Shutdown Vulnerability
Exploit for linux platform in category dos / poc Source: http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/ Introduction Apache 2.2 webservers may use a shared memory segment to share child process status information (scoreboard) between the child processes and the parent...