Lucene search
K

299 matches found

OSV
OSV
added 2020/10/06 3:15 p.m.2 views

UBUNTU-CVE-2020-25742

pcichangeirqlevel in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pcigetbus might not return a valid pointer...

3.2CVSS6.1AI score0.00467EPSS
Exploits0References4
OSV
OSV
added 2020/09/23 9:15 p.m.2 views

UBUNTU-CVE-2020-25595

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...

7.8CVSS6.7AI score0.00373EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.7 views

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

...

5.3CVSS7AI score0.00404EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/05/14 12:0 a.m.15 views

PT-2020-5392 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.6.13 Description: The issue is related to the VFIO PCI driver in the Linux kernel, which mishandles attempts to access disabled memory space. This can be exploited to cause a denial of service. Recommendations:...

10CVSS7.3AI score0.98745EPSS
Exploits176References2184
Positive Technologies
Positive Technologies
added 2019/07/10 12:0 a.m.3 views

PT-2019-4891 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11.x Description: The issue is caused by synchronization errors when using a shared resource, allowing an attacker to cause a denial of service or gain privileges by leveraging a page-writability race condition during...

9.8CVSS7.8AI score0.16658EPSS
Exploits4References201
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability of the jsm_probe_one handler implementation in Linux kernels allows a hacker to trigger a service failure.

The vulnerability in the implementation of the jsmprobeone function in the drivers/tty/serial/jsm/jsm.ko kernel of the Linux operating system is caused by a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a Digi International Neo and Classi...

6.2CVSS5.5AI score
Exploits0Affected Software1
Microsoft KB
Microsoft KB
added 2018/10/09 12:0 a.m.5 views

June 14, 2016 — KB3163017 (OS Build 10240.16942)

June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2018/08/12 12:0 a.m.3 views

PT-2023-8981 · Libvirt +9 · Libvirt +9

Name of the Vulnerable Software and Affected Versions: libvirt affected versions not specified Description: A security flaw in libvirt occurs due to repeatedly querying an SR-IOV PCI device's capabilities, exposing a memory leak caused by a failure to free the virPCIVirtualFunction array within t...

6.5CVSS5.8AI score0.02294EPSS
Exploits0References77
RedHat Linux
RedHat Linux
added 2016/11/14 8:3 p.m.3 views

Qemu: OOB access in address_space_rw leads to segmentation fault

An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...

5.5CVSS7.3AI score0.00402EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/07 6:14 p.m.3 views

Qemu: OOB access in address_space_rw leads to segmentation fault

An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...

5.5CVSS7.3AI score0.00407EPSS
Exploits0References4
OSV
OSV
added 2016/04/13 3:59 p.m.1 views

DEBIAN-CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service NULL pointer dereference and host OS crash by leveraging a system with access to a...

6CVSS6AI score0.00451EPSS
Exploits0References1
OSV
OSV
added 2015/12/17 12:0 a.m.4 views

UBUNTU-CVE-2015-8552

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service disk consumption by leveraging a system with access to a...

4.4CVSS6.7AI score0.00446EPSS
Exploits0References11
CNVD
CNVD
added 2015/06/04 12:0 a.m.3 views

Xen Denial of Service Vulnerability (CNVD-2015-03572)

Xen is an open source virtual machine monitor. Xen versions 3.3.x-4.5.x, fail to properly restrict access to the PCI MSI mask bit, which can be exploited by native x86 HVM clients to cause a denial of service unexpected outage and host crash...

7.8CVSS6.5AI score0.03427EPSS
Exploits0References1
OSV
OSV
added 2015/06/03 12:0 a.m.3 views

UBUNTU-CVE-2015-4104

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service unexpected interrupt and host crash via unspecified vectors...

7.8CVSS7.3AI score0.03427EPSS
Exploits0References4
OSV
OSV
added 2015/04/01 2:59 p.m.1 views

DEBIAN-CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

4.9CVSS8.1AI score0.00453EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2012/06/26 6:32 p.m.5 views

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

4CVSS5.8AI score0.00367EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/03/06 6:34 p.m.4 views

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

4CVSS5.8AI score0.00367EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/02/21 2:20 a.m.6 views

kernel: kvm: device assignment DoS

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

4CVSS5.8AI score0.00367EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/10/20 5:20 p.m.8 views

kernel: xen: IOMMU fault livelock

Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCIE device to cause a denial of service CPU consumption and host hang via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock...

4.6CVSS5.8AI score0.0044EPSS
Exploits1References4
Rows per page
Query Builder