Project Zero Bot (unofficial)

Project Zero Bot

New Project Zero issue:

MacOS Sandbox Escape via Type Confusion in coreaudiod/CoreAudio Framework

https://project-zero.issues.chromium.org/issues/372511888

CVE-2024-54529

Project Zero Bot

New Project Zero issue:

WebKit: use-after-free in DocumentFontLoader::fontLoadingTimerFired

https://project-zero.issues.chromium.org/issues/374377963

CVE-2024-54502

Project Zero Bot

New Project Zero issue:

inotify_rm_watch() race with umount() can lead to superblock-related UAF

https://project-zero.issues.chromium.org/issues/379667898

CVE-2024-53143

Project Zero Bot

New Project Zero issue:

Samsung S24: Out of bounds write in APE Decoder

https://project-zero.issues.chromium.org/issues/368695689

CVE-2024-49415

Project Zero Bot

New Project Zero issue:

Windows Kernel False File Immutability attack on registry hives via the Cloud Filter API

https://project-zero.issues.chromium.org/issues/42451734

CVE-2024-49114

Project Zero Bot

New Project Zero issue:

Linux >=5.10: wrong order of operations on close_and_free_vma error path causes temporary dangling PTE

https://project-zero.issues.chromium.org/issues/374117290

CVE-2024-53096

Project Zero Bot

New Project Zero issue:

Linux: Panthor: racy panthor_vm_pool_get_vm() leads to UAF

https://project-zero.issues.chromium.org/issues/377500597

CVE-2024-53080

Project Zero Bot

New Project Zero issue:

Linux >=v6.8-rc1: VMA UAF when nascent MM is accessed through forked userfaultfd or khugepaged after aborted fork

https://project-zero.issues.chromium.org/issues/373391951

CVE-2024-50263, CVE-2024-50220

Project Zero Bot

New Project Zero issue:

Windows Kernel registry security descriptor refcount may overflow when referenced by too many transacted operations

https://project-zero.issues.chromium.org/issues/42451732

CVE-2024-43641

Project Zero Bot

New Project Zero issue:

Windows Kernel passes user-mode pointers to registry callbacks, leading to race conditions and memory corruption

https://project-zero.issues.chromium.org/issues/42451607

CVE-2023-38141

Project Zero Bot

New Project Zero issue:

Windows Kernel double-fetch in the loading of remote registry hives, leading to memory corruption

https://project-zero.issues.chromium.org/issues/42451731

CVE-2024-43452

Project Zero Bot

New Project Zero issue:

PowerVR: PVRSRVAcquireProcessHandleBase() can cause psProcessHandleBase reuse when PIDs are reused

https://project-zero.issues.chromium.org/issues/42451726

CVE-2024-43704

Project Zero Bot

New Project Zero issue:

Linux >=6.6: race between mremap (move_normal_pmd) and MADVISE_COLLAPSE (retract_page_tables)

https://project-zero.issues.chromium.org/issues/371047675

CVE-2024-50066

Project Zero Bot

New Project Zero issue:

FASTRPC_ATTR_KEEP_MAP logic bug allows fastrpc_internal_munmap_fd to racily free in-use mappings leading to UAF

https://project-zero.issues.chromium.org/issues/42451725

CVE-2024-49848

Project Zero Bot

New Project Zero issue:

Linux: temporarily dangling PFN mapping on remap_pfn_range() failure in usbdev_mmap() (and elsewhere?)

https://project-zero.issues.chromium.org/issues/366053091

CVE-2024-47674

Project Zero Bot

New Project Zero issue:

adsprpc: refcount leak leading to UAF in fastrpc_get_process_gids

https://project-zero.issues.chromium.org/issues/42451711

CVE-2024-38402

Project Zero Bot

New Project Zero issue:

Linux: fuse_notify_store() marks page uptodate while leaving beyond-EOF parts uninitialized

https://project-zero.issues.chromium.org/issues/42451729

CVE-2024-44947

Project Zero Bot

New Project Zero issue:

Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code

https://project-zero.issues.chromium.org/issues/42451518

CVE-2023-20937

Project Zero Bot

New Project Zero issue:

dav1d integer overflow leading to out-of-bounds write

https://project-zero.issues.chromium.org/issues/42451651

CVE-2024-1580

Project Zero Bot

New Project Zero issue:

UAF race of global maps in fastrpc_mmap_create (and epilogue functions) cause memory corruption

https://project-zero.issues.chromium.org/issues/42451715

CVE-2024-33060