Lucene search

K

4th Gen AMD EPYC™ Processors Security Vulnerabilities

nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2024:1139-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1139-1 advisory. Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when...

6.5CVSS

8.1AI Score

0.001EPSS

2024-04-09 12:00 AM
5
ubuntu
ubuntu

Linux kernel (Azure) vulnerabilities

Releases Ubuntu 14.04 ESM Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems Details Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to...

7.8CVSS

8.3AI Score

0.011EPSS

2024-04-09 12:00 AM
7
cert
cert

Linux kernel on Intel systems is susceptible to Spectre v2 attacks

Overview A new cross-privilege Spectre v2 vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v2 branch history injection (BHI) are likely affected. An unauthenticated.....

6.5CVSS

6.8AI Score

EPSS

2024-04-09 12:00 AM
27
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2024:1102-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1102-1 advisory. Information exposure through microarchitectural state after transient execution from some...

6.5CVSS

6.9AI Score

0.0004EPSS

2024-04-09 12:00 AM
3
redhatcve
redhatcve

CVE-2024-25743

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

5.9AI Score

EPSS

2024-04-08 10:51 AM
27
redhatcve
redhatcve

CVE-2024-25742

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

5.8AI Score

EPSS

2024-04-08 10:51 AM
27
openvas
openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1488)

The remote host is missing an update for the Huawei...

7.8CVSS

6.9AI Score

EPSS

2024-04-08 12:00 AM
5
oraclelinux
oraclelinux

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.330.7.1.el7] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate...

7.8CVSS

8.1AI Score

EPSS

2024-04-08 12:00 AM
5
oraclelinux
oraclelinux

Unbreakable Enterprise kernel security update

[5.15.0-205.149.5.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Enumerate Branch...

8.2AI Score

EPSS

2024-04-08 12:00 AM
28
oraclelinux
oraclelinux

Unbreakable Enterprise kernel security update

[5.4.17-2136.330.7.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch...

7.8CVSS

8.1AI Score

EPSS

2024-04-08 12:00 AM
14
nessus
nessus

SUSE SLES12 Security Update : xen (SUSE-SU-2024:1105-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1105-1 advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R)...

6.5CVSS

7.3AI Score

0.0004EPSS

2024-04-08 12:00 AM
13
oraclelinux
oraclelinux

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.330.7.1.el8] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate...

7.8CVSS

8.1AI Score

EPSS

2024-04-08 12:00 AM
8
nessus
nessus

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-1488)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue...

7.8CVSS

7.2AI Score

EPSS

2024-04-08 12:00 AM
5
oraclelinux
oraclelinux

Unbreakable Enterprise kernel security update

[4.14.35-2047.535.2.1] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [Orabug: 36467681] {CVE-2024-1086} [4.14.35-2047.535.2] - Fix null ptr in rds_tcp_recv_path (Allison Henderson) [Orabug: 33499812] - LTS version: v4.14.338 (Saeed Mirzamohammadi) - crypto:...

7.8CVSS

8AI Score

0.011EPSS

2024-04-08 12:00 AM
7
nessus
nessus

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-1509)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue...

7.8CVSS

7.1AI Score

EPSS

2024-04-08 12:00 AM
9
osv
osv

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096) kernel: Out of boundary write in...

7.8CVSS

8.3AI Score

0.011EPSS

2024-04-05 02:56 PM
12
rocky
rocky

kernel-rt security and bug fix update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

7.8CVSS

7.7AI Score

0.011EPSS

2024-04-05 02:56 PM
55
rocky
rocky

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating....

7.8CVSS

7.8AI Score

0.011EPSS

2024-04-05 02:55 PM
51
osv
osv

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096) kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size...

7.8CVSS

8.4AI Score

0.011EPSS

2024-04-05 02:55 PM
6
cve
cve

CVE-2023-49965

SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS via the ssid and password parameters on the Setup...

6AI Score

0.0004EPSS

2024-04-05 02:15 PM
31
nvd
nvd

CVE-2023-49965

SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS via the ssid and password parameters on the Setup...

5.9AI Score

0.0004EPSS

2024-04-05 02:15 PM
cve
cve

CVE-2023-52235

SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF (e.g., for a reboot) via a DNS Rebinding...

7AI Score

0.0004EPSS

2024-04-05 06:15 AM
27
nvd
nvd

CVE-2023-52235

SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF (e.g., for a reboot) via a DNS Rebinding...

6.7AI Score

0.0004EPSS

2024-04-05 06:15 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0103)

The remote host is missing an update for...

6.5CVSS

7.2AI Score

0.001EPSS

2024-04-05 12:00 AM
12
cvelist
cvelist

CVE-2023-52235

SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF (e.g., for a reboot) via a DNS Rebinding...

6.9AI Score

0.0004EPSS

2024-04-05 12:00 AM
1
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:1614)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1614 advisory. Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects...

7.8CVSS

7.8AI Score

0.011EPSS

2024-04-05 12:00 AM
23
nessus
nessus

Rocky Linux 8 : kernel (RLSA-2024:1607)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1607 advisory. Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects...

7.8CVSS

7.8AI Score

0.011EPSS

2024-04-05 12:00 AM
41
cvelist
cvelist

CVE-2023-49965

SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS via the ssid and password parameters on the Setup...

6AI Score

0.0004EPSS

2024-04-05 12:00 AM
redhatcve
redhatcve

CVE-2024-26797

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...

7.7AI Score

0.0004EPSS

2024-04-04 05:16 PM
8
thn
thn

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially...

7.2AI Score

2024-04-04 03:42 PM
30
debiancve
debiancve

CVE-2024-26797

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...

7.8AI Score

0.0004EPSS

2024-04-04 09:15 AM
6
nvd
nvd

CVE-2024-26797

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...

7.1AI Score

0.0004EPSS

2024-04-04 09:15 AM
1
cve
cve

CVE-2024-26797

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...

7.3AI Score

0.0004EPSS

2024-04-04 09:15 AM
33
cvelist
cvelist

CVE-2024-26797 drm/amd/display: Prevent potential buffer overflow in map_hw_resources

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...

7.3AI Score

0.0004EPSS

2024-04-04 08:20 AM
ibm
ibm

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager is vulnerable to multiple vulnerabilities.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Tivoli Application Dependency Discovery Manager (TADDM). These issues were disclosed as part of the IBM Java SDK updates in January 2024. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An...

7.5CVSS

7.2AI Score

0.001EPSS

2024-04-04 06:00 AM
13
redhatcve
redhatcve

CVE-2024-26728

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a null-pointer derefence that happens when running igt@kms_force_connector_basic in a system with DCN2.1 and....

6.7AI Score

0.0004EPSS

2024-04-04 01:52 AM
4
redhatcve
redhatcve

CVE-2024-26729

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the dc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up() functions. In both functions, the.....

6.9AI Score

0.0004EPSS

2024-04-04 01:24 AM
4
redhatcve
redhatcve

CVE-2024-26767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null...

7AI Score

0.0004EPSS

2024-04-04 12:34 AM
3
ubuntucve
ubuntucve

CVE-2024-26797

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially...

7.3AI Score

0.0004EPSS

2024-04-04 12:00 AM
5
redhatcve
redhatcve

CVE-2024-26700

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 917...

6.9AI Score

0.0004EPSS

2024-04-03 11:08 PM
7
redhatcve
redhatcve

CVE-2024-26699

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr [Why] There is a potential memory access violation while iterating through array of dcn35 clks. [How] Limit iteration per array...

7AI Score

0.0004EPSS

2024-04-03 11:08 PM
6
debiancve
debiancve

CVE-2024-26767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null...

7.1AI Score

0.0004EPSS

2024-04-03 05:15 PM
2
cve
cve

CVE-2024-26767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null...

6.6AI Score

0.0004EPSS

2024-04-03 05:15 PM
30
nvd
nvd

CVE-2024-26767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null...

6.5AI Score

0.0004EPSS

2024-04-03 05:15 PM
nvd
nvd

CVE-2024-26728

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a null-pointer derefence that happens when running igt@kms_force_connector_basic in a system with DCN2.1 and....

6.2AI Score

0.0004EPSS

2024-04-03 05:15 PM
cve
cve

CVE-2024-26729

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the dc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up() functions. In both functions, the.....

6.6AI Score

0.0004EPSS

2024-04-03 05:15 PM
30
cve
cve

CVE-2024-26728

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a null-pointer derefence that happens when running igt@kms_force_connector_basic in a system with DCN2.1 and....

6.4AI Score

0.0004EPSS

2024-04-03 05:15 PM
31
nvd
nvd

CVE-2024-26729

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the dc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up() functions. In both functions, the.....

6.4AI Score

0.0004EPSS

2024-04-03 05:15 PM
debiancve
debiancve

CVE-2024-26728

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a null-pointer derefence that happens when running igt@kms_force_connector_basic in a system with DCN2.1...

6.8AI Score

0.0004EPSS

2024-04-03 05:15 PM
7
debiancve
debiancve

CVE-2024-26729

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the dc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up() functions. In both functions,...

7AI Score

0.0004EPSS

2024-04-03 05:15 PM
5
Total number of security vulnerabilities24134