15 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed the descriptor address in kvmatswapdesc Using “u64 user hva + offset” to obtain the virtual addresses of S1/S2 descriptors seems incorrect, especially when offset is not zero. What we actually want to get for...
EUVD-2026-25446
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix the descriptor address in kvmatswapdesc Using "u64 user hva + offset" to get the virtual addresses of S1/S2 descriptors looks really wrong, if offset is not zero. What we want to get for swapping is hva + offset,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unverified user queue buffer virtual addresses and sizes...
Demystifying Feature Engineering in Malware Analysis of API Call Sequences
Machine learning ML has been widely used to analyze API call sequences in malware analysis, which typically requires the expertise of domain specialists to extract relevant features from raw data. The extracted features play a critical role in malware analysis. Traditional feature extraction is...
EUVD-2020-7568
Malware in sbrugna...
DEBIAN-CVE-2025-38351
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...
SUSE CVE-2014-3969
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors...
CVE-2020-15581
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...
grub2-bhyve -- multiple privilege escalations
Reno Robert reports: FreeBSD uses a two-process model for running a VM. For booting non-FreeBSD guests, a modified grub-emu is used grub-bhyve. Grub-bhyve executes command from guest grub.cfg file. This is a security problem because grub was never written to handle inputs from OS as untrusted. In...
dpdk: Information exposure in unchecked guest physical to host virtual address translations
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory...
SUSE SLES12 Security Update : dpdk-thunderxdpdk (SUSE-SU-2018:1492-1)
This update fixes the following issues : - CVE-2018-1059: The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest...
Win10Pcap - Local Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Source: https://github.com/Rootkitsmm/Win10Pcap-Exploit / Win10Pcap kernel-mode driver did not check the virtual addresses which are passed from the user-mode , IOCTL Using Neither Buffered Nor Direct I/O without ProbeForWrite to validating...
UBUNTU-CVE-2014-3969
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors...
Volatility 2.0 - Advanced Memory Forensics [With Video Demonstration]
Volatility 2.0 - Advanced Memory Forensics With Video Demonstration The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques ar...