1. Reverse Engineering >
  2. Sicherheitslücken >
  3. Qualcomm Snapdragon Auto up to SDM439 Boot Image privilege escalation

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Qualcomm Snapdragon Auto up to SDM439 Boot Image privilege escalation


Exploits vom | Direktlink: vuldb.com Nachrichten Bewertung

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Mobile and Snapdragon Wearables (Chip Software). It has been rated as critical. This issue affects an unknown code block of the component Boot Image Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product....
https://vuldb.com/?id.142721

Externe Quelle mit kompletten Inhalt anzeigen


Zur Startseite von Team IT Security

➤ Weitere Beiträge von Team Security | IT Sicherheit

Diving Deep Into a Pwn2Own Winning WebKit Bug

vom 765.56 Punkte ic_school_black_18dp
Pwn2Own Tokyo just completed, and it got me thinking about a WebKit bug used by the team of Fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver. It was a part of the chain that earned them $55,000 and was a nifty piece of

CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters

vom 552.9 Punkte ic_school_black_18dp
In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931

CVE-2020-0729: Remote Code Execution Through .LNK Files

vom 542.27 Punkte ic_school_black_18dp
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, John Simpson and Pengsu Cheng of the Trend Micro Research Team detail a recent remote code execution bug in Microsoft Windows .LNK files. The following is a portion of

Snapdragon Automobile/Wearable/Mobile bis MSM8909W video_fmt_mp4r_process_atom_avc1() Pufferüberlauf

vom 512.91 Punkte ic_school_black_18dp
Es wurde eine kritische Schwachstelle in Snapdragon Automobile, Wearable sowie Mobile ausgemacht. Dabei betrifft es die Funktion video_fmt_mp4r_process_atom_avc1(). Mittels Manipulieren mit einer unbekannten Eingabe kann eine Pufferüberlauf-Schwachstelle ausgenutzt werd

Snapdragon Automobile/Wearable/Mobile bis MSM8909W video_fmt_mp4r_process_atom_avc1() Pufferüberlauf

vom 512.91 Punkte ic_school_black_18dp
Es wurde eine kritische Schwachstelle in Snapdragon Automobile, Wearable sowie Mobile ausgemacht. Dabei betrifft es die Funktion video_fmt_mp4r_process_atom_avc1(). Mittels Manipulieren mit einer unbekannten Eingabe kann eine Pufferüberlauf-Schwachstelle ausgenutzt werd

USN-4041-1: Linux kernel update

vom 436.45 Punkte ic_school_black_18dp
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon update A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubun

USN-4017-1: Linux kernel vulnerabilities

vom 401.9 Punkte ic_school_black_18dp
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubun

MindShaRE: Hardware Reversing with the TP-Link TL-WR841N Router

vom 382.78 Punkte ic_school_black_18dp
In early 2019, we received a bug submission from a new researcher affecting the TP-Link TL-WR841N Router. While this vulnerability is still in disclosure phase, we would like to share lessons learned when we were vetting this submission. TL-WR841N

USN-4135-1: Linux kernel vulnerabilities

vom 358.03 Punkte ic_school_black_18dp
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives

Local Privilege Escalation in Win32k.sys Through Indexed Color Palettes

vom 332.64 Punkte ic_school_black_18dp
This is the second in our series of Top 5 interesting cases from 2019. Each of these bugs has some element that sets them apart from the more than 1,000 advisories released by the program this year. Today’s blog looks a local privilege escalation in t

ZDI-20-709: Heap Overflow in the NETGEAR Nighthawk R6700 Router

vom 318.98 Punkte ic_school_black_18dp
Pwn2Own competitions often inspire people to research products and technologies, even if the researcher does not actively participate in the contest. Such is the case here, where the security researcher known as d4rkn3ss took a closer look at one of

CVE-2020-1181: SharePoint Remote Code Execution Through Web Parts

vom 316.32 Punkte ic_school_black_18dp
Last week, Microsoft released a patch to correct CVE-2020-1181 – a remote code execution bug in the supported versions of Microsoft SharePoint Server. This bug was reported to the ZDI program by an anonymous researcher and as is also known as ZDI-20

Team Security Diskussion über Qualcomm Snapdragon Auto up to SDM439 Boot Image privilege escalation