EUVD-2021-9693

Malicious code in bioql PyPI...

CVE-2022-49520 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESRELx for a bad syscall If a compat process tries to execute an unknown system call above the ARMNRCOMPATEND number, the kernel sends a SIGILL signal to the offending process...

CVE-2022-49520

In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESRELx for a bad syscall If a compat process tries to execute an unknown system call above the ARMNRCOMPATEND number, the kernel sends a SIGILL signal to the offending process...

GSD-2022-1002819 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

Google Asylo memory read vulnerability

Google Asylo is a framework for developing trusted applications from Google, a US-based company. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation.Google Asylo in version 0.6.1 has a memory read vulnerability vulnerability...

CVE-2021-22552 Memory overread secure enclave in Asylo 0.6.2

An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall number in MessageReader that is then used by sysno and can bypass validation. This can allow the attacker to read memory from within the secure enclave. We recommend updating to Asy...

Google Asylo 缓冲区错误漏洞

Google Asylo is a framework for developing trusted applications from Google, a US-based company. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation.Google Asylo in version 0.6.1 has a memory read vulnerability vulnerability...

Medium: kernel

Issue Overview: arch/x86/kernel/entry32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service OOPS and system crash via an invalid syscall number, as demonstrated by numbe...

CVE-2014-4508

arch/x86/kernel/entry32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service OOPS and system crash via an invalid syscall number, as demonstrated by number 1000...

CVE-2014-4508

arch/x86/kernel/entry32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service OOPS and system crash via an invalid syscall number, as demonstrated by number 1000...

CVE-2014-3917

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIGAUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS via a large value of a syscall number...

UBUNTU-CVE-2014-3917

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIGAUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS via a large value of a syscall number...

Oracle Linux 5 : kernel (ELSA-2009-0473)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0473 advisory. - misc exitnotify: kill the wrong capable check 494270 494271 CVE-2009-1337 - misc fork: CLONEPARENT && parentexecid interaction Don Howard 479963 4799...

Adobe Flash Player "Button" Remote Code Execution

This module exploits a vulnerability in the handling of certain SWF movies within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially...

digital-unix4.0-asm-shell.txt

Date: Tue, 26 Jan 1999 15:18:08 -0500 From: Seth Michael McGann To: [email protected] Subject: Re: Digital Unix 4.0 exploitable buffer overflows On Mon, 25 Jan 1999, Lamont Granquist wrote: Previously Digital Unix has been relatively immune to buffer overflow attacks due to the lack of an...