![]() ![]() There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.Īn integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.Īn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.Īn issue was discovered in the Arm Mali GPU Kernel Driver. Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions. The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008.Ī use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. This CVE ID is unique from CVE-2022-35803. Windows Common Log File System Driver Elevation of Privilege Vulnerability. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).Ī NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This only occurs in situations with VM_PFNMAP VMAs.Ī use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. Session hijacking or similar attacks would not be possible.Īn issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.Īn issue was discovered in WSO2 Enterprise Integrator 6.4.0. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).Ī use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.Ī use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name.Ĭheck Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |