kernel: tcp: fix page frag corruption on page fault

A vulnerability was found in the Linux kernel's TCP subsystem in the tcpsendmsglocked function, which can lead to page fragment corruption during a page fault, which occurs when a TCP stream experiences nested access to the task page fragment due to a page fault while handling memory-mapped...

AMD Secure Encrypted Virtualization 安全漏洞

AMD Secure Encrypted Virtualization is a software application from AMD USA. Hardware-accelerated memory encryption to protect data in use. A security vulnerability exists in AMD Secure Encrypted Virtualization TMR that stems from a failure to verify that the SEV-ES TMR is not in MMIO space,...

QEMU 资源管理错误漏洞

QEMU Quick Emulator is a set of emulation processor software by Fabrice Bellard, a French personal developer. A denial of service vulnerability exists in versions prior to QEMU 7.0.0, which stems from EHCI's failure to verify that the buffer pointer overlaps with its MMIO region when transferring...

DEBIAN-CVE-2021-3638

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QE...

Important: Red Hat Security Advisory: parfait:0.5 security update

An update for the parfait:0.5 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

QEMU: net: e1000e: use-after-free while sending packets

A use-after-free flaw was found in the INTEL 82574 NIC e1000e emulator of the QEMU. The issue happens while sending packets if the guest user has set the packet data address to the e1000e's MMIO address. This flaw allows a guest user or process to crash the QEMU process on the host, resulting in ...

Google TensorFlow buffer overflow vulnerability (CNVD-2021-87034)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, U.S. A buffer overflow vulnerability exists in Google TensorFlow, which stems from the fact that the ImmutableConst operation can be tricked into reading arbitrary memory content. This is because the...

CVE-2021-41227 Arbitrary memory read in `ImmutableConst`

TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...

PT-2021-23200 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: TensorFlow is an open source platform for machine learning. The ImmutableConst...

The vulnerability of the ati_2d_blt() subroutine in the QEMU hardware emulation software, related to integer overflow, allows a hacker to cause a system failure.

The vulnerability of the ati2dblt subroutine in the QEMU hardware emulation software is related to integer overflow during MMIO write operations. Exploiting this vulnerability can allow an attacker to cause a system failure...

PT-2021-8177 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the clk component of the Linux kernel, where unbinding a CCU driver unmaps the device's MMIO region but leaves its clocks/resets and their providers registered...

USN-4467-2 qemu vulnerabilities

USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly u...

QEMU 缓冲区错误漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU 4.1.0 suffers from a security vulnerability that stems from an out-of-bounds read flaw found in the ATI VGA implementation. It occurs in t...

Race condition

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would...

CVE-2020-15294

CVE-2020-15294 refers to a vulnerability in Bitdefender Hypervisor Introspection (HVI) prior to version 1.132.2. The root cause is a compiler optimization issue in IntPeParseUnwindData(), which can trigger multiple dereferences of the same pointer—potentially when that pointer is memory-mapped fr...

CVE-2020-15294 Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would...

Design/Logic Flaw

In affected versions of TensorFlow the tf.rawops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the...

PYSEC-2020-334

In affected versions of TensorFlow the tf.rawops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the...

PYSEC-2020-299

In affected versions of TensorFlow the tf.rawops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the...

PYSEC-2020-255

In affected versions of TensorFlow the tf.rawops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the...