408 matches found
x86/tdx: Fix "in-kernel MMIO" check
...
SUSE CVE-2024-50114
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...
UBUNTU-CVE-2024-50114
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...
PT-2024-35643
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue is related to the KVM UAPI in the Linux kernel, where returning an abort to the guest for an unsupported MMIO access can cause a warning. This warning occurs when KVM is advancing PC...
SUSE CVE-2024-47727
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...
AZL-50879 CVE-2024-47727 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...
DEBIAN-CVE-2024-47727
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper in-kernel MMIO checking in the x86/tdx subsystem, which could lead to a security breach...
drm/amdkfd: don't allow mapping the MMIO HDP page with large pages
...
Fixed in Apache Tomcat JK Connector 1.2.50
Moderate: Information disclosure / Denial of service CVE-2024-46544 Incorrect default permissions for the memory mapped file configured by the JkShmFile directive on Unix like systems allows local users to view and/or modify the contents of the shared memory containing modjk configuration and...
AZL-53295 CVE-2024-46794 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...
AZL-49321 CVE-2024-46705 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/xe: reset mmio mappings with devm Set our various mmio mappings to NULL. This should make it easier to catch something rogue trying to mess with mmio after device removal. For example, we might unmap everything and then start...
AZL-48820 CVE-2024-41011 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We remap the HDP flush...
DEBIAN-CVE-2024-41011
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We remap the HDP flush...
The vulnerability of the qemu-kvm hardware emulation package from QEMU allows a attacker to trigger a service failure.
The vulnerability of the qemu-kvm hardware emulation package from QEMU is related to the lack of checks to ensure that the buffer pointer does not overlap with the MMIO region during USB packet transmission. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2021-47544
In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root cause is quite similar...
DEBIAN-CVE-2021-47544
In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root cause is quite similar...
UBUNTU-CVE-2021-47341
In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvmvmioctlunregistercoalescedmmio BUG: KASAN: use-after-free in kvmvmioctlunregistercoalescedmmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalescedmmio.c:183 Read of size 8 at addr...
SUSE CVE-2024-35858
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix memory leak when bringing down interface When bringing down the TX rings we flush the rings but forget to reclaimed the flushed packets. This leads to a memory leak since we do not free the dma mapped buffers. Th...
DEBIAN-CVE-2024-35818
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Define the ioaw hook as mmiowb Commit fb24ea52f78e0d595852e "drivers: Remove explicit invocations of mmiowb" remove all mmiowb in drivers, but it says: "NOTE: mmiowb has only ever guaranteed ordering in conjunction wit...