205 matches found
CVE-2021-47302
A vulnerability was found in the Linux kernel's Intel Gigabit Ethernet driver. This issue occurs in the igcpoll function, where a piece of memory is accessed after it has been freed during a reset operation. This could lead to invalid memory access, causing potential system crashes if the driver...
CVE-2021-47441
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...
CVE-2021-47441
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...
CVE-2021-47441 mlxsw: thermal: Fix out-of-bounds memory accesses
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...
CVE-2021-47301
In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igbpoll runs while the controller is reset this can lead...
CVE-2021-47301
In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igbpoll runs while the controller is reset this can lead...
CVE-2021-47302
In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igcpoll runs while the controller is being reset this ca...
CVE-2021-47302 igc: Fix use-after-free error during reset
In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igcpoll runs while the controller is being reset this ca...
CVE-2021-47301 igb: Fix use-after-free error during reset
In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igbpoll runs while the controller is reset this can lead...
CVE-2021-47301
In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igbpoll runs while the controller is reset this can lead...
CVE-2021-47301 igb: Fix use-after-free error during reset
In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch nexttowatch when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igbpoll runs while the controller is reset this can lead...
CVE-2024-35995
A vulnerability was found in the ACPI subsystem's CPPC driver in the Linux kernel. This issue occurs due to the mishandling of memory access bit width during performance capability calculations, which can lead to misaligned memory accesses and cause kernel panics on affected platforms...
SUSE CVE-2024-35995
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...
CVE-2024-35995
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...
PT-2024-32217
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel, specifically the drm/amd/display component. It involves skipping inactive planes within ModeSupportAndSystemConfiguration. The problem was...
Fedora 40 : openvswitch (2024-1f26ce7731)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1f26ce7731 advisory. Update to 3.3.0 Remove network-scripts subpackage starting from Fedora 40 Backport a simple fix to avoid SSL db: implementation test to fail It also...
CVE-2024-26789 crypto: arm64/neonbs - fix out-of-bounds access on short input
In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of-bounds access on short input The bit-sliced implementation of AES-CTR operates on blocks of 128 bytes, and will fall back to the plain NEON version for tail blocks or inputs that are shorter than...
DEBIAN-CVE-2024-26670
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD Currently the ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory access, but is immediately...
SUSE SLES15: libopenvswitch-2_14-0 / libovn-20_06-0 / openvswitch / etc (SUSE-SU-2024:0937-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0937-1 advisory. - CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload bsc1219465. Tenable has extracted the preceding...
CVE-2023-46841
Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses...