Acrn Security Vulnerabilities
An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for...
7.5CVSS
7.5AI Score
0.001EPSS
ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb...
7.5CVSS
7.5AI Score
0.001EPSS
An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer...
7.8CVSS
7.7AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
The Device Model in ACRN through 2.5 has a devicemodel/core/mem.c use-after-free for a freed...
7.5CVSS
7.6AI Score
0.001EPSS
The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to...
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and...
7.5CVSS
7.5AI Score
0.001EPSS
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion...
7.5CVSS
7.2AI Score
0.002EPSS