Xen suffers from a broken check in memory_exchange() that permits a PV guest breakout.
Monthly Archives: April 2017
MacOS/iOS fsevents Device Double-Free
The MacOS/iOS kernel suffers from double free due to bad locking in fsevents device.
MacOS audit_pipe_open Off-By-One Memory Corruption
MacOS suffers from a kernel memory corruption due to an off-by-one in audit_pipe_open.
MacOS/iOS bpf Kernel Heap Overflow
The MacOS/iOS kernel suffers from a heap overflow in bpf.
WebKit Synchronous Page Load UXSS
WebKit suffers from a cross site scripting vulnerability via a synchronous page load.
WebKit Focus Event UXSS
WebKit suffers from a cross site scripting vulnerability via a focus event and a link element.
MacOS/iOS necp_open Use-After-Free
The MacOS/iOS kernel suffers from a use-after-free vulnerability due to bad locking in necp_open.
DSA-3828 dovecot – security update
It was discovered that the Dovecot email server is vulnerable to a
denial of service attack. When the dict
passdb and userdb are used
for user authentication, the username sent by the IMAP/POP3 client is
sent through var_expand() to perform %variable expansion. Sending
specially crafted %variable fields could result in excessive memory
usage causing the process to crash (and restart).