Oracle Solaris Local Privilege Escalation Vulnerability (CVE-2020-2944)

Summary: An unusual buffer overflow vulnerability. that allows LPE was observed prior to April’s PT (patch-tuesday) in various Oracle Solaris platform.  The researcher have published a POC publicly that was acclaimed by Oracle as well for CVE-2020-2944. Description: A buffer overflow in the _SanityCheck() function in the Common Desktop Environment version distributed with Oracle Solaris … Continue reading “Oracle Solaris Local Privilege Escalation Vulnerability (CVE-2020-2944)”