On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. Redis is an in-memory database that persists on disk. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it.Īn issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to one vote per person.Īn issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. This is due to improper restrictions on the add() function. The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |