An issue where a provided address with access_ok() is not checked exists in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel up to and including 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
netapp solidfire - |
||
netapp hci management node - |
||
netapp snapprotect - |
||
netapp cn1610_firmware - |
Except one – a 'your phone is now my phone' bug reported months ago and still not fixed Fancy buying a compact and bijou cardboard box home in a San Francisco alley? This $2.5m Android bounty will get you nearly there
Google this week emitted the September edition of its monthly Android security updates – and has left at least one known vulnerability unpatched. Also, in case you missed it, the web giant started rolling out Android 10 a few days ago. The September 2019 bundle of security fixes will be pushed out automatically to Google-branded devices, while those with other Android gear will be fed the fixes by their device manufacturer or mobile carrier. Some of the holes can be patched remotely by the ad ...