Lucene search
K

250 matches found

RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.5 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS7AI score0.00176EPSS
Exploits0References1
NVD
NVD
added 2025/11/17 6:15 p.m.8 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS0.00176EPSS
Exploits0References1
OSV
OSV
added 2025/11/17 6:15 p.m.3 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS5.8AI score0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/17 5:18 p.m.7 views

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

6.6AI score0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/17 5:18 p.m.9 views

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

0.00176EPSS
Exploits0References1
CVE
CVE
added 2025/11/17 5:18 p.m.25 views

CVE-2025-58407

CVE-2025-58407 concerns Imagination Technologies GPU DDK/driver software used in a Guest VM. The vulnerability is a TOCTOU race in the GPU firmware interaction (psFWMemContext->uiPageCatBaseRegSet) that could allow reading and/or writing data outside the allotted memory, enabling escape from t...

7.4CVSS6.6AI score0.00176EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.6 views

PT-2025-47174

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware, potentially exploiting a TOCTOU race condition. This could lead to a read and/or write of data outside the...

7.4CVSS6.5AI score0.00176EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2025/11/13 2:47 p.m.5 views

USN-7862-3: Linux kernel (Xilinx ZynqMP) vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS7.4AI score0.00331EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/13 2:33 p.m.10 views

USN-7861-3: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.4AI score0.01345EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2025/11/11 9:19 a.m.5 views

open-vm-tools: Insecure file handling

A vulnerability was found in open-vm-tools. A malicious actor with non-administrative privileges on a guest virtual machine VM may tamper with the local files to trigger insecure file operations within that VM...

6.1CVSS5.7AI score0.00255EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2025/11/10 9:54 a.m.3 views

USN-7862-2: Linux kernel vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS7.4AI score0.00331EPSS
Exploits0
OSV
OSV
added 2025/11/10 9:54 a.m.9 views

USN-7862-2 linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-raspi vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS5.8AI score0.00331EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/11/10 9:40 a.m.3 views

USN-7860-5: Linux kernel (HWE) vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS7.4AI score0.00331EPSS
Exploits0
OSV
OSV
added 2025/11/10 9:40 a.m.5 views

USN-7860-5 linux-hwe-6.14 vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS6.3AI score0.00331EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/11/07 10:37 a.m.6 views

USN-7860-4: Linux kernel (Real-time) vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS7.4AI score0.00331EPSS
Exploits0
OSV
OSV
added 2025/11/07 10:37 a.m.5 views

USN-7860-4 linux-intel-iot-realtime, linux-realtime vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS5.8AI score0.00331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.5 views

Ubuntu 24.04 LTS / 25.04 : Linux kernel vulnerability (USN-7860-1)

The remote Ubuntu 24.04 LTS / 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7860-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between...

5.5CVSS7.6AI score0.00331EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/11/06 1:32 p.m.3 views

USN-7860-2: Linux kernel (Real-time) vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS7.4AI score0.00331EPSS
Exploits0
OSV
OSV
added 2025/11/06 1:32 p.m.6 views

USN-7860-2 linux-realtime-6.14 vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS5.8AI score0.00331EPSS
Exploits0References2
OSV
OSV
added 2025/11/06 9:16 a.m.9 views

USN-7862-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerability

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

5.5CVSS5.8AI score0.00331EPSS
Exploits0References2
Rows per page
Query Builder