1574 matches found
CVE-2023-21671
CVE-2023-21671 is described across multiple sources as a memory corruption issue in Core during a syscall for the Sectools Fuse comparison feature. Public descriptions consistently state memory corruption in a Qualcomm-related Core/closed-source component, with a local attacker and high to critic...
PT-2023-9485 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.55-d23900f.ppcnf-fsp2 Description: The issue is related to a problem in the ret_from_syscall function where the check for icache_44x_need_flush is done. When the flush is needed, the code jumps out-of-line t...
FreeBSD-SA-23:13.capsicum
FreeBSD-SA-23:13.capsicum Security Advisory The FreeBSD Project Topic: copy_file_range insufficient capability rights check Category: core Module: capsicum Announced:...
FreeBSD -- copy_file_range insufficient capability rights check
Problem Description: The syscall checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the syscall must additionally require the CAP_SEEK capability. Impact: A sandboxed process with on...
USN-6385-1 linux-oem-6.0 vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. (CVE-2022-27672) William Zhao discovered that the Traffic Control (TC)...
Oracle Linux 5 : ELSA-2014-1143-1: / kernel (ELSA-2014-11431)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-11431 advisory. - kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially...
use-after-free flaw found in cgroup1_parse_param (possible denial of service)
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service ...
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-2488)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can le...
USN-6256-1 linux-iot vulnerabilities
Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3108)...
USN-6254-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0458) It was discovered that a race...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2871-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2871-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-2272)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode swit...
Exploit for NULL Pointer Dereference in Linux Linux_Kernel
DECPwn Practicing different Linux kernel exploitation techniqu...
USN-6171-1: Linux kernel vulnerabilities
William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the TUN/TAP driver in t...
USN-6171-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities
William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the TUN/TAP driver in t...
EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2023-2020)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can le...
Acheron - Indirect Syscalls For AV/EDR Evasion In Go Assembly
Acheron is a library inspired by SysWhisper3/FreshyCalls/RecycledGate, with most of the functionality implemented in Go assembly. acheron package can be used to add indirect syscall capabilities to your Golang tradecraft, to bypass AV/EDRs that make use of usermode hooks and instrumentation...
Hades - Go Shellcode Loader That Combines Multiple Evasion Techniques
Hades is a proof of concept loader that combines several evasion techniques with the aim of bypassing the defensive mechanisms commonly used by modern AV/EDRs. Usage The easiest way is probably building the project on Linux using make. git clone https://github.com/f1zm0/hades && cd hades make The...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-1978)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a...
Fedora 37 : golang (2023-12504e8774)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-12504e8774 advisory. go1.19.9 released 2023-05-02 includes three security fixes to the html/template package, as well as bug fixes to the compiler, the runtime, and the crypto/tl...