![]() Exploiting this issue could lead to escalating privileges to SMM. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution.Īn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.Īn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. This could lead to local denial of service in kernel.Īn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. In camera driver, there is a possible memory corruption due to improper locking. The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.Ī maliciously crafted PKT file when consumed through Subassembl圜omposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.Ī maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.Ī maliciously crafted PKT file when consumed through Subassembl圜omposer.exe application could lead to memory corruption vulnerability by read access violation. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. ![]() The impact depends on the privileges of the attacker. OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |