Tag: Memory Corruption

ASA-2019-00569 – Intel NUC: Memory corruption in system firmware

Posted on by Allele Security Intelligence in Alerts

Memory corruption in system firmware for Intel NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

ASA-2019-00515 – Apache HTTP Server: mod_http2, memory corruption on early pushes

Posted on by Allele Security Intelligence in Alerts

HTTP/2 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.

ASA-2019-00450 – Mozilla Firefox: Memory safety bugs

Posted on by Allele Security Intelligence in Alerts

Mozilla developers and community members Andreea Pavel, Christian Holler, Honza Bambas, Jason Kratzer, and Jeff Gilbert reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.