Impact: An application may be able to gain elevated privilegesĭescription: A memory corruption issue was addressed with improved memory handling. Impact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privilegesĭescription: Multiple memory corruption issues were addressed with improved memory handling.ĬVE-2018-4259: Kevin Backhouse of Semmle and ĬVE-2018-4286: Kevin Backhouse of Semmle and ĬVE-2018-4287: Kevin Backhouse of Semmle and ĬVE-2018-4288: Kevin Backhouse of Semmle and ĬVE-2018-4291: Kevin Backhouse of Semmle and Lazy restored states are potentially vulnerable to exploits where one process may infer register values of other processes through a speculative execution side channel that infers their value.Īn information disclosure issue was addressed with FP/SIMD register state sanitization.ĬVE-2018-3665: Julian Stecklina of Amazon Germany, Thomas Prescher of Cyberus Technology GmbH (), Zdenek Sojka of SYSGO AG (), and Colin Percival Impact: Systems using Intel® Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore from another process through a speculative execution side channelĭescription: Lazy FP state restore instead of eager save and restore of the state upon a context switch. This was addressed with improved input validation.ĬVE-2018-4283: working with Trend Micro's Zero Day InitiativeĪvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5 Impact: A local user may be able to read kernel memoryĭescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |