Lucene search

K

2nd Gen AMD EPYC™ Processors Security Vulnerabilities

nessus
nessus

RHEL 9 : kernel (RHSA-2024:1248)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1248 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: inactive elements in...

7.8CVSS

8.4AI Score

0.001EPSS

2024-04-29 12:00 AM
10
nessus
nessus

Fedora 40 : xen (2024-3a36322c4b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a36322c4b advisory. Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this are Shadow Stacks (CET-SS). CET-SS...

6.5CVSS

7AI Score

0.0004EPSS

2024-04-29 12:00 AM
5
nessus
nessus

Debian dla-3800 : ruby-rack - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3800 advisory. Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack's media type parser to take much longer than expected,...

5.8CVSS

6.7AI Score

0.0004EPSS

2024-04-29 12:00 AM
7
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1454-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync...

7.8CVSS

8AI Score

0.001EPSS

2024-04-29 12:00 AM
12
nessus
nessus

RHEL 9 : kernel (RHSA-2023:7749)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7749 advisory. kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192) kernel: use-after-free vulnerability in the smb client component...

7.8CVSS

7.3AI Score

0.001EPSS

2024-04-28 12:00 AM
6
nessus
nessus

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2258)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2258 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

5.5CVSS

6.3AI Score

0.003EPSS

2024-04-27 12:00 AM
3
nessus
nessus

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2289)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2289 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

5.5CVSS

6.3AI Score

0.003EPSS

2024-04-27 12:00 AM
4
nessus
nessus

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2228)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2228 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

5.5CVSS

6.3AI Score

0.003EPSS

2024-04-27 12:00 AM
1
nessus
nessus

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2364)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2364 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

5.5CVSS

6.3AI Score

0.003EPSS

2024-04-27 12:00 AM
1
nessus
nessus

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2363)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2363 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

5.5CVSS

7.1AI Score

0.003EPSS

2024-04-27 12:00 AM
impervablog
impervablog

The CISO’s Top Priority: Elevating Data-Centric Security

The shift to cloud computing has enhanced the resilience and security of most organizations. In this era of unparalleled agility and scalability, data-centric security can offer transformational opportunities for Chief Information Security Officers (CISOs) to improve data protection, compliance,...

7.2AI Score

2024-04-25 03:06 PM
6
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM® SDK, Java™ Technology Java affect IBM Cloud Pak System

Summary Vulnerabilities in IBM Java SDK affect IBM Cloud Pak System. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high...

9.1CVSS

8.6AI Score

0.001EPSS

2024-04-24 01:04 PM
11
nessus
nessus

RHEL 8 : linux-firmware (RHSA-2024:2005)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2005 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw amd:...

4.7CVSS

7.3AI Score

0.0004EPSS

2024-04-24 12:00 AM
7
cve
cve

CVE-2024-21972

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-04-23 05:15 PM
42
nvd
nvd

CVE-2024-21972

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-04-23 05:15 PM
nvd
nvd

CVE-2024-21979

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-04-23 05:15 PM
1
cve
cve

CVE-2024-21979

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-04-23 05:15 PM
37
cvelist
cvelist

CVE-2024-21979

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.8AI Score

0.0004EPSS

2024-04-23 04:36 PM
cvelist
cvelist

CVE-2024-21972

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.8AI Score

0.0004EPSS

2024-04-23 04:36 PM
redhat
redhat

(RHSA-2024:2005) Moderate: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569) For more details about the security issue(s), including the impact, a...

7.6AI Score

0.0004EPSS

2024-04-23 04:19 PM
20
oraclelinux
oraclelinux

kernel security and bug fix update

[3.10.0-1160.118.1.0.1] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.118.1] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected]) - Update x509.genkey...

9.8CVSS

8.2AI Score

0.001EPSS

2024-04-23 12:00 AM
29
nvd
nvd

CVE-2024-0671

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already....

6.6AI Score

0.0004EPSS

2024-04-19 09:15 AM
cve
cve

CVE-2024-0671

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already....

6.8AI Score

0.0004EPSS

2024-04-19 09:15 AM
31
nvd
nvd

CVE-2024-1065

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

6.6AI Score

0.0004EPSS

2024-04-19 09:15 AM
cve
cve

CVE-2024-1065

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

6.8AI Score

0.0004EPSS

2024-04-19 09:15 AM
40
vulnrichment
vulnrichment

CVE-2024-1065 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

7AI Score

0.0004EPSS

2024-04-19 08:51 AM
1
cvelist
cvelist

CVE-2024-1065 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

6.8AI Score

0.0004EPSS

2024-04-19 08:51 AM
cvelist
cvelist

CVE-2024-0671 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already....

6.8AI Score

0.0004EPSS

2024-04-19 08:50 AM
ubuntu
ubuntu

Linux kernel vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-6.5 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-gcp - Linux kernel for...

7.8CVSS

7.2AI Score

0.0004EPSS

2024-04-19 12:00 AM
15
ubuntu
ubuntu

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.4 - Linux kernel...

7.8CVSS

7.2AI Score

0.003EPSS

2024-04-19 12:00 AM
11
openvas
openvas

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1321-1)

The remote host is missing an update for...

7.8CVSS

7.2AI Score

EPSS

2024-04-19 12:00 AM
7
kitploit
kitploit

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research

PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not supported in OSes older than Windows 10 Version 2004. If you want.....

7.6AI Score

2024-04-18 12:30 PM
15
redhat
redhat

(RHSA-2024:1877) Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341) kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted...

9.5AI Score

0.002EPSS

2024-04-18 12:58 AM
12
nessus
nessus

RHEL 8 : kernel (RHSA-2024:1877)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1877 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: cpu: AMD CPUs may transiently...

8.8CVSS

7.8AI Score

0.002EPSS

2024-04-18 12:00 AM
7
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

7.8CVSS

8AI Score

EPSS

2024-04-18 12:00 AM
15
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

7.8CVSS

8.4AI Score

EPSS

2024-04-18 12:00 AM
18
redhatcve
redhatcve

CVE-2024-26914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the...

7.6AI Score

0.0004EPSS

2024-04-17 09:33 PM
6
redhatcve
redhatcve

CVE-2024-26913

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue [why] odm calculation is missing for pipe split policy determination and cause Underflow/Corruption issue. [how] Add the odm...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-04-17 09:32 PM
7
redhatcve
redhatcve

CVE-2024-26916

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: flush any delayed gfxoff on suspend entry" commit ab4750332dbe ("drm/amdgpu/sdma5.2: add begin/end_use ring callbacks") caused GFXOFF control to be used more heavily and the codepath that was removed from commit...

6.1AI Score

0.0004EPSS

2024-04-17 08:52 PM
7
malwarebytes
malwarebytes

Should you share your location with your partner?

Every relationship has its disagreements. Who takes out the trash and washes the dishes? Who plans the meals and writes out the grocery list? And when is it okay to start tracking one another’s location? Location sharing is becoming the norm between romantic partners—50% of people valued...

6.9AI Score

2024-04-17 07:54 PM
15
redhatcve
redhatcve

CVE-2024-26833

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak in dm_sw_fini() After destroying dmub_srv, the memory associated with it is not freed, causing a memory leak: unreferenced object 0xffff896302b45800 (size 1024): comm "(udev-worker)", pid 222,...

7.1AI Score

0.0004EPSS

2024-04-17 05:29 PM
11
debiancve
debiancve

CVE-2024-26913

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue [why] odm calculation is missing for pipe split policy determination and cause Underflow/Corruption issue. [how] Add the odm...

7.8CVSS

6.7AI Score

0.0004EPSS

2024-04-17 04:15 PM
10
debiancve
debiancve

CVE-2024-26914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the...

7AI Score

0.0004EPSS

2024-04-17 04:15 PM
8
cve
cve

CVE-2024-26913

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue [why] odm calculation is missing for pipe split policy determination and cause Underflow/Corruption issue. [how] Add the odm...

7.8CVSS

6.8AI Score

0.0004EPSS

2024-04-17 04:15 PM
32
nvd
nvd

CVE-2024-26913

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue [why] odm calculation is missing for pipe split policy determination and cause Underflow/Corruption issue. [how] Add the odm...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-04-17 04:15 PM
1
nvd
nvd

CVE-2024-26914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the...

6.9AI Score

0.0004EPSS

2024-04-17 04:15 PM
nvd
nvd

CVE-2024-26916

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: flush any delayed gfxoff on suspend entry" commit ab4750332dbe ("drm/amdgpu/sdma5.2: add begin/end_use ring callbacks") caused GFXOFF control to be used more heavily and the codepath that was removed from commit...

7.4AI Score

0.0004EPSS

2024-04-17 04:15 PM
1
debiancve
debiancve

CVE-2024-26916

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: flush any delayed gfxoff on suspend entry" commit ab4750332dbe ("drm/amdgpu/sdma5.2: add begin/end_use ring callbacks") caused GFXOFF control to be used more heavily and the codepath that was removed from commit...

6.6AI Score

0.0004EPSS

2024-04-17 04:15 PM
10
cve
cve

CVE-2024-26914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the...

7.1AI Score

0.0004EPSS

2024-04-17 04:15 PM
30
cve
cve

CVE-2024-26916

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: flush any delayed gfxoff on suspend entry" commit ab4750332dbe ("drm/amdgpu/sdma5.2: add begin/end_use ring callbacks") caused GFXOFF control to be used more heavily and the codepath that was removed from commit...

6.3AI Score

0.0004EPSS

2024-04-17 04:15 PM
37
Total number of security vulnerabilities25316