lcytxw

2 exploits | Active since Jun 2018
CVE-2018-12714 | WRITEUP | CRITICAL | WORKING POC
Linux Kernel 4.17-4.17.2 - Out-of-bounds Write in Trace Events Filter Parsing
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls.
CVSS 9.8
CVE-2018-12896 | WRITEUP | MEDIUM | WORKING POC
Linux Kernel < 4.17.3 - Integer Overflow in POSIX Timer Overrun Accounting
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.
CVSS 5.5