Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the Security Monitor SMSyscallStageBaseManifests offset calculation of Microsoft Azure Sphere 21.01. A specially crafted manifest could lead to information disclosure. An attacker can use syscalls to trigger this vulnerability. Tested Versions...

Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability

Talos Vulnerability Report TALOS-2021-1311 Microsoft Azure Sphere Security Monitor SECTIONABIDepends denial of service vulnerability August 10, 2021 CVE Number None SUMMARY A denial of service vulnerability exists in the Security Monitor SECTIONABIDepends functionality of Microsoft Azure Sphere...

Microsoft Azure Sphere mount namespace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the mount namespace functionality of Microsoft Azure Sphere 21.01. A specially crafted shellcode could allow an adversary to execute an arbitrary binary in a tmpfs mount, leading to unsigned code execution. An attacker can switch to a new...