Asterisk Project Security Advisory – When handling a WebSocket frame the res_http_websocket module dynamically changes the size of the memory used to allow the provided payload to fit. If a payload length of zero was received the code would incorrectly attempt to resize to zero. This operation would succeed and end up freeing the memory but be treated as a failure. When the session was subsequently torn down this memory would get freed yet again causing a crash. Users of the WebSocket functionality also did not take into account that provided text frames are not guaranteed to be NULL terminated. This has been fixed in chan_sip and chan_pjsip in the applicable versions.

Latest, and possibly earlier versions of K7Sentry.sys kernel mode driver, also named as the ‘K7AV Sentry DeviceDriver’, suffers from an out-of-bounds write condition that can be exploited locally by an attacker in order to execute code with kernel privileges. Successful exploitation of this bug results into vertical privilege escalation.

FreeBSD Security Advisory – There are a number of denial of service issues in the ELF parser used by file(1). An attacker who can cause file(1) or any other applications using the libmagic(3) library to be run on a maliciously constructed input can cause the application to crash or consume excessive CPU resources, resulting in a denial-of-service.

K7Sentry.sys kernel mode driver version 12.8.0.104 suffers from a null pointer dereference vulnerability.

FreeBSD Security Advisory – A programming error in the standard I/O library’s __sflush() function could erroneously adjust the buffered stream’s internal state even when no write actually occurred in the case when write(2) system call returns an error. The accounting mismatch would accumulate, if the caller does not check for stream status and will eventually lead to a heap buffer overflow. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.

VMware Security Advisory 2014-0014 – AirWatch by VMware product update addresses information disclosure vulnerabilities.

It is possible for users of ICE-X supercomputers to gain access to backups of system configuration databases.

SGI Tempo systems expose a database password in the world readable /etc/odapw file.

/opt/sgi/sgimc/bin/vx, a setuid binary on SGI Tempo systems, allows for privilege escalation.