Saar Amar

**Nome do software vulnerável e versões afetadas** Versões do macOS anteriores à 12.1 Versões do iOS anteriores à 15.2 Versões do iPadOS anteriores à 15.2 **Descrição** Uma condição de corrida foi corrigida com um tratamento aprimorado do estado, o que permitia que um aplicativo malicioso pudesse executar código arbitrário com privilégios de kernel. **Recomendações** Para versões do macOS anteriores à 12.1, atualize para o macOS Monterey 12.1 ou posterior. Para versões do iOS anteriores à 15.2, atualize para o iOS 15.2 ou posterior. Para versões do iPadOS anteriores à 15.2, atualize para o iPadOS 15.2 ou posterior.

**Nome do software vulnerável e versões afetadas** Windows (versões afetadas não especificadas) **Descrição** O problema está relacionado a uma gestão insegura de privilégios no Modo de Kernel Seguro do Windows dos sistemas operacionais Windows. Isso permite que um invasor eleve seus privilégios. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Windows Hyper-V (versões afetadas não especificadas) **Descrição** O problema está relacionado a uma vulnerabilidade de elevação de privilégios. Ela ocorre devido ao tratamento inadequado de objetos na memória pelo Windows Hyper-V em um servidor host. Essa vulnerabilidade pode ser explorada por um invasor para elevar seus privilégios. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified) Description: The issue is related to the create cq and create qp functions in the PVRDMA emulator of QEMU, which is associated with insufficient resource release after its valid lifetime has expired. This can be exploited by an attacker to cause a denial of service by creating CQ/QP objects. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified) Description: The issue is related to a memory leak in the `pvrdma realize` function in QEMU's PVRDMA hardware emulator. This leak occurs after an initialization error. The problem is associated with insufficient resource release after its valid lifetime has expired. Exploitation of this issue may allow an attacker to cause a denial of service. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified) Description: The issue is related to the `pvrdma idx ring has` function in the PVRDMA emulator of QEMU, which can lead to an infinite loop due to an unreachable exit condition. This can be exploited by a remote attacker to cause a denial of service. The problem arises from un-checked return values in `hw/rdma/vmw/pvrdma dev ring.c`, specifically the mishandling of `-1` return values. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified) Description: The issue is related to the hw/rdma/rdma backend.c component in QEMU, which allows guest OS users to trigger out-of-bounds access. This can be achieved via a PvrdmaSqWqe ring element with a large `num sge` value, potentially leading to a denial of service. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified) Description: The issue is related to errors in pointer dereferencing in the PVRDMA emulator hardware component of QEMU. It may allow a remote attacker to cause a denial of service by creating CQ/QP objects, potentially leading to a NULL pointer dereference or excessive memory allocation in functions such as `create cq ring` or `create qp rings`. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified) Description: The issue is related to errors in pointer dereferencing in the uar read and uar write functions of the PVRDMA emulator's virtual network adapter in QEMU. This can be exploited by a remote attacker to cause a denial of service. The problem arises because QEMU does not implement a read operation, such as uar read, which by analogy to uar write, allows attackers to cause a denial of service through a NULL pointer dereference. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Subsystem for Linux versions prior to the fixed version Windows 10 versions 1703 through 1709 Windows Server, version 1709 **Description** The issue is related to the way objects are handled in memory, allowing an elevation of privilege. This could potentially enable attackers to affect the system. **Recommendations** For Windows 10 versions 1703 through 1709, update to a version that includes the fix for this issue. For Windows Server, version 1709, apply the necessary patch or update to resolve the elevation of privilege vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability in other affected versions.