854 matches found
OESA-2023-1655 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.CVE-2020-13791 An issue was...
PT-2023-9478 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the SPI peripheral in the Linux kernel, where sometimes RX SPI transfers with DMA enabled return corrupted data due to single or multiple bytes lost during DMA...
kernel: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswephaslimitsbox pcigetdevice will increase the reference count for the returned 'dev'. We need to call pcidevput to decrease the reference count. Since 'dev' is only used in...
Lenovo Notebook 访问控制错误漏洞
Lenovo Notebook is a laptop computer from Lenovo, a Chinese company. The Lenovo notebook suffers from an Access Control Error vulnerability that stems from the exposure of the Embedded Controller EC interface in the LCFC BIOS, which causes certain peripheral devices to work abnormally...
PT-2023-13541 · Lenovo · Lcfc Bios
Name of the Vulnerable Software and Affected Versions: LCFC BIOS affected versions not specified Description: A potential issue was discovered in LCFC BIOS for some Lenovo consumer notebook models. This could allow a local attacker with elevated privileges to cause some peripherals to work...
BD Alaris System with Guardrails Suite MX 数据伪造问题漏洞
The BD Alaris System with Guardrails Suite MX is a medical device from Biddy Medical BD. A security vulnerability exists in the BD Alaris System with Guardrails Suite MX, which stems from a GRE dataset file in Systems Manager that can be tampered with and distributed to PCUs...
The vulnerability of the TrustZone subsystem’s networking (netdev) component in Qualcomm embedded operating systems allows a hacker to gain unauthorized access to protected information.
The vulnerability of the TrustZone subsystem for networking functions in Qualcomm embedded systems’ operating systems lies in the insufficient protection of sensitive data during the analysis of peripheral channels. Exploiting this vulnerability can allow attackers to gain unauthorized access to...
kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...
kernel: regmap: spi: Reserve space for register address/padding
In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...
kernel: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dwpcieepinit errors If dwpcieepinit fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be undone thus causing a memory...
kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...
CVE-2022-42335
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...
CVE-2023-20082
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...
CVE-2022-45552
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...
SUSE CVE-2011-4347
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
SUSE CVE-2013-3495
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...
SUSE CVE-2015-2150
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and...
SUSE CVE-2019-19057
Two memory leaks in the mwifiexpcieinitevtring function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by triggering mwifiexmappcimemory failures, aka CID-d10dcb615c8e...
SUSE CVE-2019-19579
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device and assignable-add is not used, because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's...
SUSE CVE-2020-13791
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space...