1210 matches found
UBUNTU-CVE-2021-20255
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...
PT-2021-7314 · Qemu +3 · Qemu +3
Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry...
PT-2021-7378
Name of the Vulnerable Software and Affected Versions QEMU versions up to and including 5.2.0 Description The issue is related to a potential stack overflow via an infinite loop in various NIC emulators of QEMU. This occurs in loopback mode of a NIC where reentrant DMA checks get bypassed, allowi...
DEBIAN-CVE-2021-27379
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service host OS crash or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct...
UBUNTU-CVE-2021-27379
An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service host OS crash or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct...
A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host resulting in a denial of service condition or potentially execute arbitrary code with privileges of the QEMU process on the host.
...
PT-2020-7004 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's media subsystem, specifically the Aspeed video driver. It introduces improper reset on the Video Engine hardware, causing unexpected DMA memo...
DEBIAN-CVE-2020-25723
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...
kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS
A flaw was found in the way the mwifiex PCIE driver in the Linux kernel handled resource cleanup on a DMA mapping error. This flaw allows an attacker able to trigger the DMA mapping error to crash the system...
kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS
A flaw was found in the way the mwifiex PCIE driver in the Linux kernel handled resource cleanup on a DMA mapping error. This flaw allows an attacker able to trigger the DMA mapping error to crash the system...
CVE-2020-3529
A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. The...
The vulnerability of Thunderbolt devices’ microcontrollers lies in the ability to load metadata from an unauthenticated device. This allows a hacker to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.
The vulnerability of Thunderbolt devices’ microcontrollers relates to the ability to load metadata from an unauthenticated device. Exploiting this vulnerability can allow a hacker to gain direct access to the memory of the computing device, which is connected to Thunderbolt devices...
The vulnerability of Thunderbolt devices’ microcontrollers, related to errors in the implementation of the SPI Flash interface, allows attackers to gain direct access to the memory of computing devices connected to Thunderbolt interfaces.
The vulnerability of Thunderbolt device microcontrollers is related to errors in the implementation of the SPI Flash interface. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt-enabled devices are connected...
The vulnerability of Thunderbolt devices’ microcontrollers stems from the use of a weak authentication scheme for the device. This allows attackers to gain direct access to the memory of the computing device, which is connected to Thunderbolt interfaces.
The vulnerability of Thunderbolt device microcontrollers is related to the use of a weak authentication mechanism for devices. Exploiting this vulnerability can allow attackers to gain direct access to the memory of computing devices, to which Thunderbolt devices are connected...
The vulnerability of Thunderbolt device microcontrollers, related to the lack of protection at the “Work Camp” level, allows a intruder to gain direct access to the memory of computing devices to which Thunderbolt-enabled devices are connected.
The vulnerability of Thunderbolt device microcontrollers is related to the lack of protection at the “Work Camp” level. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt devices are connected...
UBUNTU-CVE-2020-12465
An array overflow was discovered in mt76addfragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages...
kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS
A flaw was found in the way the Intel Wireless driver in the Linux kernel handled resource cleanup during Gen 3 device initialization. This flaw allows an attacker with the ability to restrict access to DMA coherent memory on device initialization, to crash the system...
SAS@Home Virtual Summit Showcases New Threat Intel, Industry Changes
As the COVID-19 pandemic continues to force in-person cybersecurity event cancellations, Kaspersky is forging ahead with a virtual security summit, SAS@home. Topics on the agenda include threat intel on advanced persistent threats APTs, new vulnerability research, and topics related to a...
The vulnerability of the ide_dma_cb() function in QEMU’s hardware emulation software lies in its insufficient checking of unusual or exceptional states. This allows a malicious actor to trigger a service failure.
The vulnerability of the idedmacb function in the hardware emulation for various QEMU platforms is related to a bug in the host system, triggered through the special SCSIIOCTLSENDCOMMAND. This bug requires that the size of successfully transferred DMA operations be a multiple of 512 equal to the...
Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs
Fresh firmware vulnerabilities in Wi-Fi adapters, USB hubs, trackpads and cameras are putting millions of peripheral devices in danger of a range of cyberattacks, according to research from Eclypsium. TouchPad and TrackPoint firmware in Lenovo Laptops, HP Wide Vision FHD camera firmware in HP...