9 matches found
CVE-2019-14287
CVE-2019-14287 affects sudo before 1.8.28. An attacker with a Runas ALL sudoer account can bypass policy blacklists and session PAM modules and cause incorrect logging by invoking sudo with a crafted user ID (example: sudo -u $((0xffffffff))). This corresponds to a local privilege-escalation flaw...
CVE-2019-7221
CVE-2019-7221 is a Use-after-Free in the KVM implementation of the Linux kernel up to version 4.20.5. The vulnerability concerns KVM VMX preemption timer handling and is locally exploitable with low privileges and no user interaction, potentially affecting confidentiality, integrity, and availabi...
CVE-2019-5489
CVE-2019-5489 affects the Linux kernel mincore() implementation (mm/mincore.c) up to version 4.19.13. It enables a local attacker to observe page cache access patterns of other processes sharing memory, leading to potential information disclosure; the impact is described as partial confidentialit...
CVE-2018-19985
CVE-2018-19985 is a Linux kernel vulnerability describing an out-of-bounds read in hso_get_config_data (drivers/net/usb/hso.c) caused by indexing an array with the device-provided if_num. This is a local, kernel-space issue that could lead to a crash. Public IBM advisories for the IBM 4769 toolki...
CVE-2019-7222
The CVE-2019-7222 issue affects the KVM component of the Linux kernel up to version 4.20.5, where a vulnerability allowed information leakage by exposing uninitialized kernel stack contents to a guest. Connected documents explicitly refer to “KVM: leak of uninitialized stack contents to guest (CV...
CVE-2017-7657
CVE-2017-7657 affects Eclipse Jetty: transfer-encoding chunk size parsing could overflow an integer, causing large chunks to be treated as smaller ones and enabling a fake pipelined request that bypasses intermediary authorization. Affected versions include Jetty 9.2.x and older, 9.3.x (all confi...
CVE-2017-3135
ISC BIND 9 DNS64 and RPZ combined can crash the server. CVE-2017-3135 causes an assertion failure or NULL pointer dereference when query responses are rewritten with both DNS64 and RPZ enabled, leading to a denial of service. Affected versions include BIND 9.8.8 and 9.9.3–9.9.9 (S1–S7/P5), 9.9.10...
CVE-2018-20449
CVE-2018-20449 affects the Linux kernel 4.14.90, specifically the hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c. It allows local users to obtain sensitive address information by reading callback= lines in a debugfs file. The issue is evidenced across multiple feeds (NVD, Red Hat, SUSE...
CVE-2018-3627
CVE-2018-3627 is a logic bug in Intel’s Converged Security Management Engine (CSME) 11.x firmware that could allow an attacker with local privileged access to execute arbitrary code. The vulnerability affects Intel CSME 11.x on several generations of Intel CPUs and is described as a local-elevati...