Collaborate Disseminate
The Linux kernel versions 4.9+and supported versions of FreeBSD are vulnerable to denial of service conditions with low rates of specially modified packets. Continue reading VU#962459: TCP implementations vulnerable to Denial of Service
mingw-w64 produces a executable Windows files without a relocations table by default,which breaks compatibility with ASLR. Continue reading VU#307144: mingw-w64 by default produces executables that opt in to ASLR, but are not compatible with ASLR
ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to function, Windows executables must contain a relocations table. Despite containing the “Dynamic base” PE header, which indicates ASLR compatibility, Windows executabl… Continue reading VU#307144: mingw-w64 by default produces executables that opt in to ASLR, but are not compatible with ASLR
Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange,which may allow a remote attacker to obtain the encryption key used by the device. Continue reading VU#304725: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
CWE-124: Buffer Underwrite (‘Buffer Underflow’) – CVE-2018-5388 In stroke_socket.c, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. According to th… Continue reading VU#338343: strongSwan VPN charon server vulnerable to buffer underflow
strongSwan VPN’s charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow,resulting in denial of service. Continue reading VU#338343: strongSwan VPN charon server vulnerable to buffer underflow
CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified,known as"Variant 3a"and"Variant 4". Continue reading VU#180049: CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks
Mail clients may leak plaintext messages while decrypting OpenPGP and S/MIME messages. Continue reading VU#122919: OpenPGP and S/MIME mail client vulnerabilities
In some circumstances,some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions,namely MOV SS and POP SS. Continue reading VU#631579: Hardware debug exception documentation may result in unexpected behavior
Some platforms with integrated GPUs,such as smartphones,may allow both side-channel and rowhammer attacks via WebGL,which may allow a remote attacker to compromise the browser on an affected platform. An attack technique that leverages these vulnerabilities is called"GLitch." Continue reading VU#283803: Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")