SUSE CVE-2014-3196

base/memory/sharedmemorywin.cc in Google Chrome before 38.0.2125.101 on Windows does not properly implement read-only restrictions on shared memory, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors...

SUSE CVE-2014-4171

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service imutex hold by using the mmap system call to access a hole, as demonstrated by interfering with intended...

SUSE CVE-2015-4484

The js::jit::AssemblerX86Shared::lockaddl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service application crash by leveraging the use of shared memory and accessing 1 an Atomics object or 2 ...

SUSE CVE-2015-8994

An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/modphp or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validatepermission=1 setting. The vulnerability details a...

SUSE CVE-2016-10012

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

SUSE CVE-2017-5669

The doshmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget a...

SUSE CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

SUSE CVE-2018-6063

Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...

SUSE CVE-2018-7686

Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage...

SUSE CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

SUSE CVE-2019-12779

libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames under /dev/shm and /tmp without OEXCL...

SUSE CVE-2020-6796

A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 73 and Firefox ESR68.5...

SUSE CVE-2020-14375

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...

SUSE CVE-2020-29074

scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user...

SUSE CVE-2021-3669

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS...

SUSE CVE-2021-21703

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the...

SUSE CVE-2021-26400

AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage...

SUSE CVE-2021-44733

A use-after-free exists in drivers/tee/teeshm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in teeshmgetfromid during an attempt to free a shared memory object...

PT-2023-33228 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.83 Description: The issue is related to the invocation of MMU notifiers in shmem/file collapse paths in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations...

PT-2022-14790 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the page number of shared mem.c, which could lead to code execution in the secure world. This may result in local escalation of privilege without requiring...