Phil Turnbull

5 exploits Active since Nov 2016
CVE-2016-7917 WRITEUP MEDIUM WRITEUP
Linux Kernel < 4.4.32 - Out-of-bounds Read in nfnetlink_rcv_batch
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.
CVSS 5.0
CVE-2022-47518 WRITEUP HIGH WRITEUP
Linux Kernel < 6.0.11 - Heap-Based Buffer Overflow in WILC1000 Wireless Driver
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames.
CVSS 7.8
CVE-2022-47519 WRITEUP HIGH WRITEUP
Linux Kernel < 6.0.11 - Out-of-bounds Write in WILC1000 Wireless Driver via IEEE80211_P2P_ATTR_OPER_CHANNEL
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames.
CVSS 7.8
CVE-2022-47520 WRITEUP HIGH WRITEUP
Linux Kernel < 6.0.11 - Out-of-bounds Read in WILC1000 Wireless Driver via RSN Information Element
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.
CVSS 7.1
CVE-2022-47521 WRITEUP HIGH WRITEUP
Linux Kernel < 6.0.11 - Heap-Based Buffer Overflow in WILC1000 Wireless Driver via IEEE80211_P2P_ATTR_CHANNEL_LIST
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.
CVSS 7.8