This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function _speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked.

I sincerely hope that these issues are being addressed and will be resolved in a not too distant version of Notepad++.

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall.

This issue may lead to arbitrary code execution. For all of the above CVEs, as of the time of publication, no known patches are available in existing versions of Notepad++. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf8_16_Read::convert. Potentially, it may be used to leak internal memory allocation information. The exploitability of this issue is not clear. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in CharDistributionAnalysis::HandleOneChar. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in nsCodingStateMachine::NextStater. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining. The following CVEs have been reported in Notepad++ V8.5.6 and prior.