Lucene search
K

324 matches found

UbuntuCve
UbuntuCve
added 2024/05/30 4:15 p.m.21 views

CVE-2024-36925

In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References10
OSV
OSV
added 2024/05/30 4:15 p.m.1 views

UBUNTU-CVE-2024-36925

In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...

5.5CVSS6.4AI score0.00227EPSS
Exploits0References11
Cvelist
Cvelist
added 2024/05/30 3:29 p.m.23 views

CVE-2024-36925 swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y

In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...

6.3AI score0.00227EPSS
Exploits0References3
CVE
CVE
added 2024/05/30 3:29 p.m.114 views

CVE-2024-36925

CVE-2024-36925 affects the Linux kernel SWIOTLB path. When CONFIG_DMA_RESTRICTED_POOL=y and CONFIG_SWIOTLB_DYNAMIC=y, initialising restricted pool memory could crash due to a NULL mem->pools during add_mem_pool() in rmem_swiotlb_device_init(). The crash arises from a NULL pointer dereference i...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/05/30 3:29 p.m.16 views

CVE-2024-36925 swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y

In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...

5.5CVSS5.6AI score0.00227EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.7 views

PT-2024-9020 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the swiotlb component of the Linux kernel. It occurs when using restricted DMA pools in conjunction with dynamic SWIOTLB, leading to a crash at boot-time due to...

9.8CVSS6.5AI score0.01483EPSS
Exploits3References726
Kitploit
Kitploit
added 2024/05/24 12:30 p.m.72 views

PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools

A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446"The Pool Party You Will Never Forget: New Process Injection Techniques UsingWindows Thread...

7.7AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/05/07 2:49 a.m.2 views

SUSE CVE-2022-48690

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...

5.5CVSS6.3AI score0.00193EPSS
Exploits0References6
OSV
OSV
added 2024/05/03 6:15 p.m.6 views

DEBIAN-CVE-2022-48690

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...

5.5CVSS5.3AI score0.00193EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/05/03 6:15 p.m.27 views

CVE-2022-48690

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...

5.5CVSS5.9AI score0.00193EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/03 5:44 p.m.25 views

CVE-2022-48690 ice: Fix DMA mappings leak

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...

6.8AI score0.00193EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 5:44 p.m.86 views

CVE-2022-48690

Insight : CVE-2022-48690 refers to a Linux kernel fix in the ice driver for a DMA mappings leak when reallocating RX buffers while changing ring parameters. The leak occurred because kfree on rx_buf freed DMA mappings that were still active, leading to leaked DMA mappings during buffer substituti...

5.5CVSS6.5AI score0.00193EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/05/03 5:44 p.m.24 views

CVE-2022-48690

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but...

5.5CVSS6.9AI score0.00193EPSS
Exploits0
OSV
OSV
added 2024/03/06 10:57 a.m.84 views

BIT-APACHE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

7.5CVSS8.7AI score0.58716EPSS
Exploits2References27
ATTACKERKB
ATTACKERKB
added 2024/02/29 1:42 a.m.4 views

CVE-2023-50437

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...

8.6CVSS5.8AI score0.00683EPSS
Exploits0References4
OSV
OSV
added 2024/02/29 1:42 a.m.4 views

CVE-2023-50437

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...

8.6CVSS5.8AI score0.00683EPSS
Exploits0References3
Citrix
Citrix
added 2023/12/28 12:0 a.m.6 views

The new feature "Use existing identity pools to create identities for MCS-provisioned machines"

For quick deploy, it should be 1 to 1 mapping for identity pool to MCS catalog...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.9 views

Any user can drain the escrow contract by calling decreaseDepositRequest with more amount than they deposited into the escrow while requesting.

Lines of code Vulnerability details Impact In the protocol, users submit deposit requests to the Centrifuge gateway for depositing assets into the Liquidity Pools. There is also a mechanism to decrease this deposit order by calling LiquidityPool::decreaseDepositRequest which decreases their depos...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.12 views

DEPRECATED POOLS CAN BE USED IN THE CRITICAL TRANSACTION EXECUTIONS OF THE OptionsPositionManager CONTRACT

Lines of code Vulnerability details Impact The PositionManager.getPoolAddresses function is used to get the important address details of the RoePool to be used in the critical function executions of the OptionsPositionManager contract such as executeBuyOptions, executeLiquidation,...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.6 views

isDeprecated CAN ONLY BE MADE TO true AND CAN NOT BE CHANGED TO false IN THE FUTURE IF THE NEED ARISES

Lines of code Vulnerability details Impact The RoeRouter.deprecatePool function is used to Deprecate a pool. It is a onlyOwner modifier controlled function. A pool can be deprecated via the deprecatePool function as shown below: function deprecatePooluint poolId public onlyOwner...

6.8AI score
Exploits0
Rows per page
Query Builder