687 matches found
FreeBSD : FreeBSD -- Memory disclosure by stale virtual memory mapping (13d37672-9791-11eb-b87a-901b0ef719ab)
A particular case of memory sharing is mishandled in the virtual memory system. It is possible and legal to establish a relationship where multiple descendant processes share a mapping which shadows memory of an ancestor process. In this scenario, when one process modifies memory through such a...
FreeBSD -- Memory disclosure by stale virtual memory mapping
Problem Description: A particular case of memory sharing is mishandled in the virtual memory system. It is possible and legal to establish a relationship where multiple descendant processes share a mapping which shadows memory of an ancestor process. In this scenario, when one process modifies...
Windows Exploitation Tricks: Trapping Virtual Memory Access
Posted by James Forshaw, Project Zero. This blog is a continuation of my series of Windows exploitation tricks. This one describes an exploitation trick I’ve been trying to develop for years, succeeding mostly (more on that later) on the latest versions of Windows 10. It’s a trick to trap access to...
Imagemagick Studio ImageMagick::WriteOnePNGImage() Code Issue Vulnerability
ImageMagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio, an American company. The software can read, convert or write images in many formats. A code issue vulnerability exists in ImageMagick versions 6.9.10-68 through 7.0.8-68,...
PT-2020-16024 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.7.x through 5.8.6. Description: The issue is related to incorrect reference counting of the struct page that backs the vsyscall page, caused by gate page mishandling in the get_gate_page function in mm/gup.c. This resul...
CVE-2005-1513
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request...
USN-4364-1: Linux kernel vulnerabilities
It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060) It was discovered that the vhost net driver in the Linux kernel...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service (DoS). The vulnerability exists because of a flaw in the Linux kernel virtual memory implementation. This could allow a local unprivileged user to cause a denial of service...
Memory corruption
The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons (processes), leading to an...
CVE-2020-1625 Junos OS: Kernel memory leak in virtual-memory due to interface flaps
The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons (processes), leading to an...
Code injection
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure...
CVE-2019-19339
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service (DoS), or possibly have unspecified other impa...
The vulnerability in Linux kernel, related to buffer overflows in virtual memory, allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.
The vulnerability in Linux kernels is related to buffer overflows in virtual memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information and compromise its integrity and accessibility...
CVE-2019-0162
Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access...
Amazon Linux 2 : kernel (ALAS-2019-1366)
A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...
Amazon Linux AMI : kernel (ALAS-2019-1322)
A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...
Important: kernel
Issue Overview: A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host...