The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationProcess (ProcessVmCounters).
eadda47ffbb9584fc704a4e5ac994aa844e037dd58e116e9d9a0399a2fb05bffThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationJobObject (BasicLimitInformation, ExtendedLimitInformation).
119c7ffafb61c51c765310a245411dafb3a196c1ceec736fb376fc99f5245d87The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!ClientPrinterThunk.
e104ae661a3078758508da50d62e51309809ec20142171a0fbae3515d45ed681The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in DeviceApi (PiDqIrpQueryGetResult, PiDqIrpQueryCreate, PiDqQueryCompletePendedIrp).
20fe3af744abb0a442ff7060c80b06e0bf24932685f850604475164f9ae0b61fThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetRealizationInfo.
4c946dd01242f8164b3928bf8c9844593ada7c52ae83277682519335cb1e3e7bThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetTextMetricsW.
452a60ea7f22d3485fb66dab895858ea5ae5d97f495c40b6a48d443f488ee463The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetOutlineTextMetricsInternalW.
6b0483ac8c7084d6f07518a7b6d52ea02ea6b591c1326fd68c85a80992228041The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiExtGetObjectW.
90e80047a0d4a132243baeb8aa21d9d09ad984a2f1de80601d1524f2fe7763a0The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in exception handling (nt!KiDispatchException).
1b18eec30bf44bae86c16090bb09021fd1989f3f2f01f498da55a5b6f9f6af61The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in nt!NtNotifyChangeDirectoryFile.
f5a62635848b4df66c3c59102dc9f94c3f3f64aebc7d20967a6ba6686ba929abThe Microsoft Windows kernel pool suffers from a memory disclosure in nt!NtQueryVolumeInformationFile (FileFsVolumeInformation).
7a216b3d781e5f5b776596a2e128a625b18fd8d53060b09e7eb8616feefe756dThe Microsoft Windows kernel suffers from a partmgr pool memory disclosure vulnerability in the handling of IOCTL_DISK_GET_DRIVE_LAYOUT_EX.
134ea7f8792cd34df31a86be6a4e9d5ffad6bfeb7e4424af236c06797fbae602The Microsoft Windows kernel suffers from a partmgr pool memory disclosure vulnerability in the handling of IOCTL_DISK_GET_DRIVE_GEOMETRY_EX.
f6a18f75cd5bd00f8723ff33247243f8f2cc1a2f282d950fba1442c7408c376bThe Microsoft Windows kernel suffers from a volmgr pool memory disclosure vulnerability in the handling of IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS.
95f61aaad5708f6ec6b3bf9039b7ee243415d5f2667fb8e8ab3e2bed6bcbea1cMicrosoft Windows suffers from a kernel pool memory disclosure vulnerability in win32k!NtGdiEnumFonts.
306a1a1634d262a01243f82baf4291127e5ae2ead129f1cf59f723e25a7862b1Microsoft Windows Kernel has an issue where the handler of the 0x224000 IOCTL (corresponding to the WmiQueryAllData functionality) implemented by the \\.\WMIDataDevice device in ntoskrnl.exe (as dispatched by the nt!WmipIoControl routine) discloses portions of uninitialized pool memory to user-mode clients.
1bbe97975757a64028b5f82c336696756ad90e05d785106a5f0d998c82d4d0c8Microsoft Windows kernel has an issue where the handler of the IOCTL_MOUNTMGR_QUERY_POINTS IOCTL in mountmgr.sys discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes.
4b122d71bbd6e6667386aec82d9768826730400d6665b2bb1fbd1b425f4e6967The IOCTL sent to the \Device\KsecDD device by the BCryptOpenAlgorithmProvider documented API returns some uninitialized pool memory in the output buffer of the Microsoft Windows kernel.
181298dc8125caa44fe653cf66bdd843a48995cabcaa9871caa7e906bd030711The Microsoft Windows kernel pool suffers from a memory disclosure due to output structure alignment in win32k!NtGdiGetOutlineTextMetricsInternalW.
4e14cf8a1b4405808b8fbc591bba527439874570559f5451600a9def5ef7dc0aUbuntu Security Notice 3329-1 - It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
035f5397513469fc46fe35fc3228e636010806cb370496656d19713eb1f42714Ubuntu Security Notice 3328-1 - It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
0b1eb015a833ea8a4dfab366e58e5ac3b87d72f7670b90113f19c11dec5ad22eUbuntu Security Notice 3327-1 - It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Various other issues were also addressed.
c8c82662c76f129144ea64a38a2922ced4fc5e2dd5cb6bd32a3b70e86b0a7190Ubuntu Security Notice 3326-1 - It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Various other issues were also addressed.
ad46e108752d84316d39abb27edf66eba2d2bdfab7dd2aa8588e99776a86620cUbuntu Security Notice 3324-1 - It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.
2c5ba59805eb07621c353113a2a21f38511aadfb5495a6ed18f4d144cfe959abRed Hat Security Advisory 2017-1546-01 - Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat OpenStack Platform. Security Fix: A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default listening on 0.0.0.0 with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
fab4b6172b79f5f50813530a7ca29d52176b7695c884e682a8698db553cd4b8a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed