Lucene search

K

4th Gen AMD EPYC™ Processors Security Vulnerabilities

vulnrichment
vulnrichment

CVE-2024-26661 drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not...

6.8AI Score

0.0004EPSS

2024-04-02 06:22 AM
ubuntucve
ubuntucve

CVE-2024-26662

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()' 'panel_cntl' structure used to control the display panel could be null, dereferencing it could lead to a null pointer access. Fixes the below:...

6.5AI Score

0.0004EPSS

2024-04-02 12:00 AM
7
nessus
nessus

RHEL 8 : kernel-rt (RHSA-2024:1614)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1614 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

7.8CVSS

8.4AI Score

0.011EPSS

2024-04-02 12:00 AM
28
ubuntucve
ubuntucve

CVE-2024-26660

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, corresponding to the four...

7.8AI Score

0.0004EPSS

2024-04-02 12:00 AM
10
ubuntucve
ubuntucve

CVE-2024-26661

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not...

6.6AI Score

0.0004EPSS

2024-04-02 12:00 AM
6
ubuntucve
ubuntucve

CVE-2023-52634

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic [Why] When switching to another HDMI mode, we are unnecesarilly disabling/enabling FIFO causing both HPO and DIG registers to be set at the same time when only HPO is supposed to be set....

6.5AI Score

0.0004EPSS

2024-04-02 12:00 AM
7
ubuntucve
ubuntucve

CVE-2024-26672

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_mca.c:377 amdgpu_mca_smu_get_mca_entry() warn: variable dereferenced before....

6.7AI Score

0.0004EPSS

2024-04-02 12:00 AM
5
osv
osv

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096) kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size...

7.8CVSS

8.4AI Score

0.011EPSS

2024-04-02 12:00 AM
9
almalinux
almalinux

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096) kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size...

7.8CVSS

8.7AI Score

0.011EPSS

2024-04-02 12:00 AM
20
nessus
nessus

RHEL 8 : kernel (RHSA-2024:1607)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1607 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: vmwgfx: NULL pointer...

7.8CVSS

8.5AI Score

0.011EPSS

2024-04-02 12:00 AM
80
ibm
ibm

Security Bulletin: IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-49083

Summary IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-49083.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2023-4807 DESCRIPTION: **OpenSSL is...

7.8CVSS

9.9AI Score

0.002EPSS

2024-04-01 07:33 AM
14
mageia
mageia

Updated microcode packages fix security vulnerabilities

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-22655) Information exposure through microarchitectural state after...

6.5CVSS

7.8AI Score

0.001EPSS

2024-03-31 06:27 AM
14
nessus
nessus

Fedora 38 : xen (2024-29f57f1b4e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-29f57f1b4e advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors...

6.5CVSS

7.4AI Score

0.0004EPSS

2024-03-30 12:00 AM
10
nessus
nessus

Fedora 39 : xen (2024-9e9f53d01d)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9e9f53d01d advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors...

6.5CVSS

7.4AI Score

0.0004EPSS

2024-03-30 12:00 AM
9
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 18, 2024 to March 24, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 94 vulnerabilities disclosed in 81 WordPress.....

9.9CVSS

9.4AI Score

0.001EPSS

2024-03-28 03:35 PM
24
talosblog
talosblog

Enter the substitute teacher

Welcome to this week's threat source newsletter with Jon out, you've got me as your substitute teacher. I'm taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day, will I be the teacher that just rolls in the TV cart and delivers the single...

7.7AI Score

2024-03-28 02:00 PM
7
thn
thn

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD...

7.3AI Score

2024-03-28 10:55 AM
10
ibm
ibm

Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to confidentiality impacts and a timing-based side-channel attack due to multiple vulnerabilities.

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to confidentiality impacts [CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945] and a timing-based side-channel attack [CVE-2023-33850] as described in the...

7.5CVSS

7AI Score

0.001EPSS

2024-03-27 10:18 PM
20
redhatcve
redhatcve

CVE-2024-26648

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...

7AI Score

0.0004EPSS

2024-03-27 02:01 PM
9
redhatcve
redhatcve

CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

6.9AI Score

0.0004EPSS

2024-03-27 01:53 PM
8
nvd
nvd

CVE-2023-6400

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and...

7.4CVSS

7.5AI Score

0.0004EPSS

2024-03-27 01:15 PM
cve
cve

CVE-2023-6400

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and...

7.4CVSS

7AI Score

0.0004EPSS

2024-03-27 01:15 PM
28
cvelist
cvelist

CVE-2023-6400 Incorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product.

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and...

7.4CVSS

7.8AI Score

0.0004EPSS

2024-03-27 12:30 PM
githubexploit
githubexploit

Exploit for Out-of-bounds Write in Google Android

Fluoride Bluetooth stack Building and running on AOSP...

9.8CVSS

7.4AI Score

0.001EPSS

2024-03-27 10:45 AM
89
osv
osv

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817) kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation (CVE-2024-0193) kernel: ktls...

7.8CVSS

7.9AI Score

0.001EPSS

2024-03-27 04:37 AM
9
rocky
rocky

kernel security update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux....

7.8CVSS

7.6AI Score

0.001EPSS

2024-03-27 04:37 AM
29
intel
intel

Intel® oneAPI Toolkit Software Advisory

Summary: Potential security vulnerabilities in some Intel® oneAPI Toolkits and standalone component software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-35121 Description: Improper...

7.1AI Score

0.0004EPSS

2024-03-27 12:00 AM
6
redhatcve
redhatcve

CVE-2023-52625

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the process.....

7.2AI Score

0.0004EPSS

2024-03-26 09:59 PM
8
redhatcve
redhatcve

CVE-2023-52624

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...

7.2AI Score

0.0004EPSS

2024-03-26 09:59 PM
4
debiancve
debiancve

CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

7AI Score

0.0004EPSS

2024-03-26 06:15 PM
6
debiancve
debiancve

CVE-2024-26648

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...

7.1AI Score

0.0004EPSS

2024-03-26 06:15 PM
6
nvd
nvd

CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

7.3AI Score

0.0004EPSS

2024-03-26 06:15 PM
nvd
nvd

CVE-2024-26648

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...

6.4AI Score

0.0004EPSS

2024-03-26 06:15 PM
cve
cve

CVE-2024-26648

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...

6.6AI Score

0.0004EPSS

2024-03-26 06:15 PM
37
cve
cve

CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

6.4AI Score

0.0004EPSS

2024-03-26 06:15 PM
41
nvd
nvd

CVE-2023-52625

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the process.....

6.7AI Score

0.0004EPSS

2024-03-26 06:15 PM
cve
cve

CVE-2023-52625

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the process.....

6.8AI Score

0.0004EPSS

2024-03-26 06:15 PM
33
debiancve
debiancve

CVE-2023-52625

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the...

6.9AI Score

0.0004EPSS

2024-03-26 06:15 PM
4
nvd
nvd

CVE-2023-52624

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...

6.5AI Score

0.0004EPSS

2024-03-26 06:15 PM
debiancve
debiancve

CVE-2023-52624

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...

7AI Score

0.0004EPSS

2024-03-26 06:15 PM
5
cve
cve

CVE-2023-52624

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...

6.6AI Score

0.0004EPSS

2024-03-26 06:15 PM
31
cvelist
cvelist

CVE-2024-26647 drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()'

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

7.5AI Score

0.0004EPSS

2024-03-26 05:50 PM
1
cvelist
cvelist

CVE-2024-26648 drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...

6.7AI Score

0.0004EPSS

2024-03-26 05:50 PM
vulnrichment
vulnrichment

CVE-2024-26647 drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()'

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

6.7AI Score

0.0004EPSS

2024-03-26 05:50 PM
cvelist
cvelist

CVE-2023-52625 drm/amd/display: Refactor DMCUB enter/exit idle interface

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the process.....

6.9AI Score

0.0004EPSS

2024-03-26 05:49 PM
cvelist
cvelist

CVE-2023-52624 drm/amd/display: Wake DMCUB before executing GPINT commands

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...

6.8AI Score

0.0004EPSS

2024-03-26 05:49 PM
ubuntucve
ubuntucve

CVE-2023-52624

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap...

6.9AI Score

0.0004EPSS

2024-03-26 12:00 AM
9
openvas
openvas

Ubuntu: Security Advisory (USN-6701-3)

The remote host is missing an update for...

7.8CVSS

7.2AI Score

0.011EPSS

2024-03-26 12:00 AM
7
ubuntucve
ubuntucve

CVE-2024-26648

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc dc' & 'struct dmub_replay replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the...

6.7AI Score

0.0004EPSS

2024-03-26 12:00 AM
5
ubuntucve
ubuntucve

CVE-2024-26647

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NU...

6.4AI Score

0.0004EPSS

2024-03-26 12:00 AM
3
Total number of security vulnerabilities24132