Lucene search
K

84 matches found

OSV
OSV
added 2024/12/20 1:7 p.m.5 views

OESA-2024-2567 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: Integer Underflow Wrap or Wraparound vulnerability in Renesas arm-trusted-firmware. An integer underflo...

7.8CVSS7.7AI score0.0019EPSS
Exploits0References3
OSV
OSV
added 2024/12/20 1:7 p.m.6 views

OESA-2024-2566 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: Integer Underflow Wrap or Wraparound vulnerability in Renesas arm-trusted-firmware. An integer underflo...

7.8CVSS7.7AI score0.0019EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/10/22 2:42 p.m.11 views

CVE-2024-49878

In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...

5.5CVSS7.2AI score0.00298EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/09/11 5:23 p.m.10 views

CVE-2024-45014

In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible physmeminfo segment corruption When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR...

6CVSS7.1AI score0.00177EPSS
Exploits0References4
OSV
OSV
added 2024/09/11 3:13 p.m.23 views

CVE-2024-45014 s390/boot: Avoid possible physmem_info segment corruption

In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible physmeminfo segment corruption When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR...

5.5CVSS4.8AI score0.00177EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a fixed MTRRs existence checking vulnerability in the x86/mtrr component...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References10
NVD
NVD
added 2024/08/01 4:15 p.m.31 views

CVE-2024-6873

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time o...

8.1CVSS0.00721EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/06/24 11:23 p.m.2 views

SUSE CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.8CVSS7.7AI score0.0019EPSS
Exploits0References3
NVD
NVD
added 2024/06/24 4:15 p.m.30 views

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.8CVSS0.0019EPSS
Exploits0References2
OSV
OSV
added 2024/06/24 4:15 p.m.25 views

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.8CVSS7.7AI score0.0019EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/06/24 4:15 p.m.18 views

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.8CVSS6.3AI score0.0019EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/24 3:37 p.m.16 views

CVE-2024-6287 Incorrect Address Range Calculations

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.5CVSS7.4AI score0.0019EPSS
Exploits0References2
CVE
CVE
added 2024/06/24 3:37 p.m.70 views

CVE-2024-6287

CVE-2024-6287 concerns Renesas arm-trusted-firmware. The issue is an Incorrect Calculation in the image overlap/check logic that can let an attacker bypass memory range restrictions and overwrite a loaded image, potentially causing local code execution and bypass of secure boot. If exploited, thi...

7.8CVSS7.7AI score0.0019EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/24 3:37 p.m.45 views

CVE-2024-6287 Incorrect Address Range Calculations

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.5CVSS0.0019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/06/24 3:37 p.m.15 views

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite ...

7.8CVSS6.1AI score0.0019EPSS
Exploits0
Cvelist
Cvelist
added 2024/06/24 3:32 p.m.34 views

CVE-2024-6285 Integer Underflow in Memory Range Check in Renesas RCAR

Integer Underflow Wrap or Wraparound vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses...

7.5CVSS0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/24 3:32 p.m.20 views

CVE-2024-6285 Integer Underflow in Memory Range Check in Renesas RCAR

Integer Underflow Wrap or Wraparound vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses...

7.5CVSS6.9AI score0.00189EPSS
Exploits0References2
ClickHouse
ClickHouse
added 2024/06/01 12:0 a.m.18 views

Fixed in ClickHouse v24.5, 2024-06-01​

It is possible to redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time of...

8.3AI score
Exploits0Affected Software1
Debian CVE
Debian CVE
added 2024/04/03 5:0 p.m.28 views

CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

5.5CVSS7.1AI score0.00236EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/03/13 4:22 a.m.3 views

SUSE CVE-2024-26617

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...

7CVSS6.4AI score0.00163EPSS
Exploits0References3
Rows per page
Query Builder