39 matches found
DEBIAN-CVE-2023-53266
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Fix possible memory leak of ffhctxt Allocated 'ffhctxt' memory leak is possible if the SMCCC version and conduit checks fail and -EOPNOTSUPP is returned without freeing the allocated memory. Fix the same by moving th...
CVE-2023-53266
The CVE-2023-53266 issue affects the Linux kernel (arm64) ACPI path involving ffh_ctxt allocation. The vulnerability arises when SMCCC version and conduit checks fail and a -EOPNOTSUPP return occurs without freeing the allocated ffh_ctxt memory, creating a memory leak. The documented fix moves th...
Linux Distros Unpatched Vulnerability : CVE-2022-50320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: tables: FPDT: Don't call acpiosmapmemory on invalid phys address On a Packard Bell Dot SC Intel Atom N2600 model there is a FPDT table which contains...
Linux Distros Unpatched Vulnerability : CVE-2022-50275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/radeon: Add the missed acpiputtable to fix memory leak When the radeon driver reads the bios information from ACPI table in radeonacpivfctbios, it misses to...
CVE-2022-50320
In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpiosmapmemory on invalid phys address On a Packard Bell Dot SC Intel Atom N2600 model there is a FPDT table which contains invalid physical addresses, with high bits set which fall outside the ran...
CVE-2022-50275
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add the missed acpiputtable to fix memory leak When the radeon driver reads the bios information from ACPI table in radeonacpivfctbios, it misses to call acpiputtable to release the ACPI memory after the init, so add...
PT-2025-37577
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The radeon driver in the Linux kernel has a memory leak. When the driver reads BIOS information from an ACPI table using the radeon acpi vfct bios function, it fails to release the ACP...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49860)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49860 advisory. - In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of STR...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep CVE-2024-26605 In the...
CVE-2021-46985
In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpidevicesetname' fails, we must free 'acpidevicebusid-busid' or there is a potential memory leak...
SUSE CVE-2021-28694
IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...
CVE-2022-32953
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...
CVE-2022-32470
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using...
CVE-2022-32474
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...
CVE-2022-32954
An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...
PT-2023-13070 · Insyde · Insydeh2O
Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O versions 5.0 through 5.5 Description: An issue was discovered in Insyde InsydeH2O where DMA attacks on the FvbServicesRuntimeDxe shared buffer could cause TOCTOU race-condition issues, leading to corruption of SMRAM and...
ALPINE-CVE-2021-28694
IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...
UBUNTU-CVE-2021-28695
IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...
PT-2017-13023 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.10 Linux kernel versions prior to 4.9 for KASLR protection mechanism bypass Description: The issue is related to the acpi ps complete final op function in the Linux kernel, which does not properly flush nod...