Lucene search
K

58 matches found

BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.6 views

The vulnerabilities of the iommu/vt-d components of the Linux operating system’s kernel, which allow a hacker to cause a service failure

The vulnerability of the iommu/vt-d components in the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan of these components has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References10Affected Software4
SUSE CVE
SUSE CVE
added 2024/10/23 1:22 p.m.7 views

SUSE CVE-2024-50001

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under...

5.5CVSS6.3AI score0.00315EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2024/10/02 12:45 a.m.6 views

kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity

A flaw was found in the way AMD IOMMU handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity...

6CVSS7.1AI score0.00174EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/09/24 12:0 a.m.6 views

The vulnerability of the x86 IOMMU Identity Mapping component in the cross-platform hypervisor Xen allows a attacker to influence the confidentiality, integrity, and accessibility of the system.

The vulnerability of the x86 IOMMU Identity Mapping component in the cross-platform hypervisor Xen is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

7.5CVSS7.5AI score0.00234EPSS
Exploits0References10Affected Software5
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a potential fault handling error and system crash vulnerability in the iommu component...

5.5CVSS6.8AI score0.00183EPSS
Exploits0References4
OSV
OSV
added 2024/08/22 2:15 a.m.5 views

DEBIAN-CVE-2022-48904

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix I/O page table memory leak The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memory leak, and can be...

5.5CVSS5.6AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 12:15 p.m.3 views

DEBIAN-CVE-2022-48796

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential use-after-free during probe Kasan has reported the following use after free on dev-iommu. when a device probe fails and it is in process of freeing dev-iommu in deviommufree function, a deferredprobeworkfunc...

7.8CVSS5.8AI score0.00252EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 3:15 p.m.4 views

UBUNTU-CVE-2024-35843

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pcigetdomainbusandslot. This function searches the list of all PCI devices until the desired...

6.8CVSS6.2AI score0.00217EPSS
Exploits0References10
OSV
OSV
added 2024/03/20 11:15 a.m.4 views

ALPINE-CVE-2023-46839

PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context...

5.3CVSS6.9AI score0.00805EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.2 views

kernel: iommu/vt-d: Clean up si_domain in the init_dmars() error path

A memory leak flaw was found in the Linux kernel's Intel VT-d IOMMU driver in the initialization error path. A local user can trigger this issue when the initdmars function fails during IOMMU setup, causing the sidomain memory to remain allocated without being freed. This results in a permanent...

5.5CVSS7.1AI score0.0015EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.2 views

kernel: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via nodeonlineNUMANONODE KASAN reports: 4.668325 T0 BUG: KASAN: wild-memory-access in dmarparseonerhsa arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226...

7.1CVSS6.2AI score0.00211EPSS
Exploits0References5
OSV
OSV
added 2022/05/11 5:15 p.m.3 views

CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/05/11 12:0 a.m.8 views

PT-2022-9731 · Suse · Suse

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU, which may allow an IO device ...

9.8CVSS6.3AI score0.74041EPSS
Exploits11References110
Positive Technologies
Positive Technologies
added 2022/04/05 12:0 a.m.9 views

PT-2022-17810 · Suse · Suse

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns IOMMU: RMRR VT-d and unity map AMD-Vi handling problems. Certain PCI devices in a system might be assigned Reserved Memory Regions fo...

7.8CVSS6.5AI score0.00508EPSS
Exploits3References93
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.7 views

The vulnerability of Xen hypervisors, related to the use of memory after it is freed, allows a attacker to cause a service failure or increase their privileges.

The vulnerability of Xen hypervisors relates to the use of memory after it is freed during the processing of input/output page tables in the IOMMU Input/Output Memory Management Unit memory management unit. Exploiting this vulnerability can allow an attacker to cause service failures or increase...

7.1CVSS7.1AI score0.00427EPSS
Exploits0References10Affected Software5
RedHat Linux
RedHat Linux
added 2021/10/26 4:28 p.m.2 views

kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks

A flaw was found in the Linux kernel’s KVM implementation, where improper handing of the VMIO|VMPFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of...

8.7CVSS7AI score0.0066EPSS
Exploits1References5
OSV
OSV
added 2019/10/08 1:15 a.m.1 views

UBUNTU-CVE-2019-17345

An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of a crashed guest...

6.5CVSS6.8AI score0.0035EPSS
Exploits0References3
OSV
OSV
added 2018/12/08 4:29 a.m.1 views

DEBIAN-CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS9.3AI score0.00409EPSS
Exploits0References1
Rows per page
Query Builder