Recherche : [ssd-disclosure]

SSD Advisory - Linux kernel hfsplus slab-out-of-bounds Write - SSD Secure Disclosure https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/

22/03/2025 10:12:34

This advisory describes an out-of-bounds write vulnerability in the Linux kernel that achieves local privilege escalation on Ubuntu 22.04 for active user sessions.

Credit
An independent security researcher working with SSD Secure Disclosure.

Vendor Response
Ubuntu has released the following advisory and fix: https://ubuntu.com/security/CVE-2025-0927

Zyxel VPN Series Pre-auth Remote Command Execution https://ssd-disclosure.com/ssd-advisory-zyxel-vpn-series-pre-auth-remote-command-execution/

04/02/2024 14:03:43

Summary Chaining of three vulnerabilities allows unauthenticated attackers to execute arbitrary command with root privileges on Zyxel VPN firewall (VPN50, VPN100, VPN300, VPN500, VPN1000). Due to recent attack surface changes in Zyxel, the chain described below broke and become unusable – we have decided to disclose this even though it is no longer exploitable. Credit … SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution Read More »

Liens par page

Filtres