Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability

Summary A memory corruption vulnerability exists in the AFAZSPIO socket functionality of Microsoft Azure Sphere 20.05. A sequence of socket operations can cause a double-free and out-of-bounds read in the kernel. An attacker can write a shellcode to trigger this vulnerability. Tested Versions...

CVE-2016-4951

The tipcnlpubldump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a dumpit operation...

PHP 4.x - 'socket_recvfrom()' Signed Integer Memory Corruption

source: https://www.securityfocus.com/bid/7198/info A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socketrecvfrom and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied...