9 matches found
CVE-2026-53266 netfilter: bridge: make ebt_snat ARP rewrite writable
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...
PT-2026-52361
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter bridge ebtables SNAT target regarding how the ARP sender hardware address rewrite is handled. While the Ethernet source address rewrite is managed via sk...
CVE-2026-52908 RDMA: During rereg_mr ensure that REREG_ACCESS is compatible
In the Linux kernel, the following vulnerability has been resolved: RDMA: During reregmr ensure that REREGACCESS is compatible If IBMRREREGACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr stru...
SUSE CVE-2017-1085
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit to increase RLIMITSTACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context...
CVE-2022-41757
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0...
CVE-2022-20239
remappfnrange' here may map out of size kernel memory for example, may map the kernel area, and because the 'vma-vmpageprot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID:...
ASB-A-174259860
In kbasememfromuserbuffer of malikbasememlinux.c, there is a possible remapping of shared read-only memory as write-able due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-27804
JPEG XL aka jpeg-xl through 0.3.2 allows writable memory corruption...
WM-Downloader-3.1.2.2-2010.04.15-(.m3u)
WM Downloader 3.1.2.2 2010.04.15 .m3u Buffer Overflow + DEP Bypass Author: sickness Download : http://mini-stream.net/wm-downloader/ The payload can be replaced with whatever you want, there is enough space. import sys header='EXTM3U\n' junk ='http://'+'\x90' 17400 junk+='\x41'17 eip...