1340 matches found
iOS / macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
While investigating possible shared memory issues in AGXCommandQueue::processSegmentKernelCommand, I noticed that the size checks used to parse the IOAccelKernelCommand in IOAccelCommandQueue2::processSegmentKernelCommand are incorrect. The IOAccelKernelCommand contains an 8-byte header consistin...
iOSmacOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
iOSmacOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand While investigating possible shared memory issues in AGXCommandQueue::processSegmentKernelCommand, I noticed that the size checks used to parse the IOAccelKernelCommand in...
iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
While investigating possible shared memory issues in AGXCommandQueue::processSegmentKernelCommand, I noticed that the size checks used to parse the IOAccelKernelCommand in IOAccelCommandQueue2::processSegmentKernelCommand are incorrect. The IOAccelKernelCommand contains an 8-byte header consistin...
Ubuntu 18.04 LTS : Mesa vulnerability (USN-4271-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4271-1 advisory. Tim Brown discovered that Mesa incorrectly handled shared memory permissions. A local attacker could use this issue to obtain and possibly alter sensitive...
openSUSE: Security Advisory for Mesa (openSUSE-SU-2020:0084_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Kernel: page cache side channel attacks
A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be us...
SUSE SLED12 / SLES12 Security Update : Mesa (SUSE-SU-2020:0145-1)
This update for Mesa fixes the following issues : Security issue fixed : CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability bsc1156015. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
OPENSUSE-SU-2020:0084-1 Security update for Mesa
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability bsc1156015. This update was imported from the SUSE:SLE-15-SP1:Update update project...
SUSE-SU-2020:0146-1 Security update for Mesa
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability bsc1156015...
SUSE-SU-2020:0145-1 Security update for Mesa
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability bsc1156015...
Security update for Mesa (moderate)
openSUSE Security Update: Security update for Mesa Announcement ID: openSUSE-SU-2020:0084-1 Rating: moderate References: 1156015 Cross-References: CVE-2019-5068 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for Mesa fixes t...
SUSE-SU-2020:0132-1 Security update for Mesa
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability bsc1156015...
SUSE-SU-2020:0111-1 Security update for Mesa
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability bsc1156015...
Linux: Separate partition for /dev/shm
/dev/shm implements traditional shared memory concept. It is an efficient means of passing data between programs. This script tests if a separate partition exists for /dev/shm. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you ca...
Fedora Update for aspell FEDORA-2019-1e0f7ac968
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
DEBIAN-CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
UBUNTU-CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...