Lucene search

11 matches found

OSV
added 2024/06/24 2:15 p.m. · 0 views

UBUNTU-CVE-2024-38667

In the Linux kernel, the following vulnerability has been resolved: riscv: prevent ptregs corruption for secondary idle threads Top of the kernel thread stack should be reserved for ptregs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with...

7.8 CVSS · 5.7 AI score · 0.00034 EPSS
Exploits 0 · References 17

SUSE CVE
added 2024/04/09 2:29 a.m. · 1 view

SUSE CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

5.5 CVSS · 6.6 AI score · 0.00019 EPSS
Exploits 0 · References 3

SUSE CVE
added 2023/02/15 4:4 a.m. · 1 view

SUSE CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3 CVSS · 9.6 AI score · 0.00509 EPSS
Exploits 1 · References 3

Kitploit
added 2021/10/24 8:30 p.m. · 385 views

ThreadStackSpoofer - PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode'S Memory Allocation From Scanners And Analysts

A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory. Intro This is an example implementation for Thread Stack Spoofing technique...

7.2 AI score
Exploits 0 · References 11

OSV
added 2019/07/15 4:15 a.m. · 4 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3 CVSS · 5.3 AI score · 0.00509 EPSS
Exploits 1 · References 6

OSV
added 2019/07/15 4:15 a.m. · 0 views

UBUNTU-CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3 CVSS · 7.3 AI score · 0.00509 EPSS
Exploits 1 · References 2

Prion
added 2019/07/15 4:15 a.m. · 16 views

Design/Logic Flaw

DISPUTED GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."...

5 CVSS · 5.3 AI score · 0.00509 EPSS
Exploits 1 · References 6

UbuntuCve
added 2019/07/15 4:15 a.m. · 17 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3 CVSS · 6.4 AI score · 0.00509 EPSS
Exploits 1 · References 1

Positive Technologies
added 2019/07/15 12:0 a.m. · 2 views

PT-2019-11440 · Gnu +1 · Glibc +1

Name of the Vulnerable Software and Affected Versions: GNU Libc affected versions not specified Description: The issue is related to a mitigation bypass, where an attacker may bypass ASLR using the cache of thread stack and heap. The component affected is glibc. It is noted that upstream comments...

5.3 CVSS · 7.3 AI score · 0.00509 EPSS
Exploits 1 · References 15

Tenable Nessus
added 2018/01/24 12:0 a.m. · 43 views

Fedora 26 : glibc (2018-8e27ad96ed)

This update addresses two security vulnerabilities : - CVE-2017-15670, CVE-2017-15671, CVE-2017-15804: Various vulnerabilities could lead to memory corruption in the glob and glob64 function. RHBZ1505298, RHBZ1504807 - CVE-2017-16997: Check for empty tokens before dynamic string token expansion i...

9.8 CVSS · 6.9 AI score · 0.41417 EPSS
Exploits 9 · References 6

Tenable Nessus
added 2018/01/24 12:0 a.m. · 43 views

Fedora 27 : glibc (2018-7714b514e2)

This update addresses two security vulnerabilities : - CVE-2017-16997: Check for empty tokens before dynamic string token expansion in the dynamic linker, so that pre-existing privileged programs with $ORIGIN rpaths/runpaths do not cause the dynamic linker to search the current directory,...

9.3 CVSS · 7.6 AI score · 0.41417 EPSS
Exploits 9 · References 3