hw: Machine Check Error on Page Size Change (IFU)

A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...

hw: Machine Check Error on Page Size Change (IFU)

A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...

kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...

kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...

SUSE-SU-2019:1769-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-1974 fixes one issue. The following security issue was fixed: - CVE-2019-12817: arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel for powerpc had a bug where unrelated processes may be able to read/write to one another's virtual memory under certain...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

Design/Logic Flaw

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

CVE-2019-12817

CVE-2019-12817 affects the PowerPC Linux kernel: a bug in arch/powerpc/mm/mmu_context_book3s64.c before 5.1.15 can allow unrelated processes to read/write each other’s memory via an mmap above 512 TB on a subset of PowerPC systems. The issue is limited to those platforms; impact is memory confide...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

Intel® Core Processors Memory Mapping Advisory

Summary: A potential security vulnerability in some microprocessors may allow information disclosure. Vulnerability Details: CVEID: CVE-2019-0162 Description: Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information...

Splitting atoms in XNU

Posted by Ian Beer, Google Project Zero TL;DR A locking bug in the XNU virtual memory subsystem allowed violation of the preconditions required for the correctness of an optimized virtual memory operation. This was abused to create shared memory where it wasn't expected, allowing the creation of ...

[SECURITY] [DLA 1731-1] linux security update

Package : linux Version : 3.16.64-1 CVE ID : CVE-2016-10741 CVE-2017-5753 CVE-2017-13305 CVE-2018-3639 CVE-2018-5848 CVE-2018-5953 CVE-2018-12896 CVE-2018-13053 CVE-2018-16862 CVE-2018-16884 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169...

Microsoft Windows Multiple Vulnerabilities (KB4489881)

This host is missing a critical security update according to Microsoft KB4489881 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

March 12, 2019—KB4489881 (Monthly Rollup)

March 12, 2019—KB4489881 Monthly Rollup Applications that do not have a manifest that indicates the correct Windows version of 6.3 may receive the scripting error, “Intl is not available”. Ensure that the applications have a manifest with the appropriate Windows version. For more information, see...

Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem Exploit

Linux memrw - accessremotevm - accessremotevm - getuserpagesremote - getuserpageslocked - getuserpages - findextendvma Then, if the VMA in question has the VMGROWSDOWN flag set: expandstack - expanddownwards - securitymmapaddr - capmmapaddr This, if the address is below dacmmapminaddr, does a...

Project Zero Discloses High-Severity Apple macOS Flaw

Researchers have disclosed what they say is a high-severity security flaw in Apple’s MacOS operating system – which has not yet been patched. The flaw gives an attacker privileges to perform malicious actions on a mounted filesystem – without the victim knowing. The Google Project Zero team...

DEBIAN-CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...