Vulnerabilities (Page 21)

Huawei Security Hypervisor Vulnerability

An interesting vulnerability in Huawei’s security hypervisor, which Huawei devices use to protect kernel integrity. The hypervisor provides logging capability, and allows the kernel to access the log buffers via shared memory that the kernel can map into its address space…

 

[FreeBSD] Stack overflow in ping

A pretty straightforward stack-based overflow in ping on FreeBSD. It is a little interesting, though, in that there is one caveat. This is the vulnerable code:

 

XSS on account.leagueoflegends.com via easyXDM

A long chain of issues that leads to XSS in the League of Legends (LoL) account subdomain via easyXDM, which is a developer-focused JS library that provides an interface for doing cross-origin communication using various protocols. easyXDM consists of a producer-consumer setup, where a producer page exports functions for the consumer page to invoke…

 

ANE_ProgramCreate() multiple kernel memory corruption [CVE-2022-32898]

An out-of-bounds write in the ZinComputeProgramGetNamesFromMultiPlaneLinear() and ZinComputeProgramGetNamesFromMultiPlaneTitledCompressed() functions of the Apple Neural Engine (ANE). These functions are responsible for parsing procedure I/O, and will take some arguments including an output planes array of kernel pointers to user-controlled data, as well as a planeCount for how many planes to copy into that array…