Lucene search
K

36 matches found

SUSE CVE
SUSE CVE
added 2024/09/19 3:10 a.m.5 views

SUSE CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

5.5CVSS6.7AI score0.00241EPSS
Exploits0References22
RedhatCVE
RedhatCVE
added 2024/09/18 11:45 a.m.22 views

CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

5.5CVSS7.4AI score0.00241EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/18 7:12 a.m.30 views

CVE-2024-46774 powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

0.00241EPSS
Exploits0References6
CVE
CVE
added 2024/09/18 7:12 a.m.156 views

CVE-2024-46774

CVE-2024-46774 affects the Linux kernel PowerPC RTAS path (sys_rtas). The issue arises in powerpc/rtas.c where nargs/nret come from a user buffer and are used as indices into a small stack array and as inputs to copy_to_user after bounds checks, allowing speculative execution (Spectre v1) gadget ...

7.1CVSS6.9AI score0.00241EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/16 12:0 a.m.54 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2024:2923-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2923-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

7.8CVSS7.1AI score0.00872EPSS
Exploits0References86
OSV
OSV
added 2024/08/14 7:25 a.m.23 views

SUSE-SU-2024:2902-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name bsc1227716. - CVE-2024-41069: ASoC: topology: Fix route memory corruption bsc1228644. -...

8.4CVSS8.3AI score0.00915EPSS
Exploits4References405
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 a.m.106 views

CVE-2024-26847

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS5.8AI score0.0024EPSS
Exploits0References5
CVE
CVE
added 2024/04/17 10:14 a.m.75 views

CVE-2024-26847

CVE-2024-26847 concerns the Linux kernel on POWER platforms where RTAS function names were spelled inconsistently. The PAPR-specified name is ibm,reset-pe-dma-windows, but firmware in practice used ibm,reset-pe-dma-window in the device tree. This mismatch caused reverse lookups (token -> name)...

5.1CVSS6.7AI score0.0024EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/09/29 8:14 a.m.4 views

USN-5094-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities

It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute...

8.7CVSS7.1AI score0.00734EPSS
Exploits2References7
Oracle linux
Oracle linux
added 2021/08/31 12:0 a.m.101 views

kernel security and bug fix update

3.10.0-1160.41.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...

8.3CVSS0.5AI score0.78684EPSS
Exploits23
OSV
OSV
added 2021/02/25 6:43 a.m.7 views

USN-4751-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities

It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-25656 Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling...

8.8CVSS6.8AI score0.01129EPSS
Exploits10References19
Cloud Foundry
Cloud Foundry
added 2021/02/10 12:0 a.m.51 views

USN-4680-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service syste...

8.2CVSS7.9AI score0.06692EPSS
Exploits10Affected Software1
OSV
OSV
added 2021/01/28 7:9 a.m.6 views

USN-4708-1 linux, linux-lts-xenial vulnerabilities

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service system crash. CVE-2018-13093 It was discovered that the btrfs fi...

9.3CVSS6.9AI score0.03293EPSS
Exploits4References6
Ubuntu
Ubuntu
added 2021/01/28 7:9 a.m.225 views

USN-4708-1: Linux kernel vulnerabilities

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service system crash. CVE-2018-13093 It was discovered that the btrfs fi...

9.3CVSS6.9AI score0.03293EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2021/01/28 12:0 a.m.46 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4708-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4708-1 advisory. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to...

9.3CVSS7.1AI score0.03293EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.63 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4679-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4679-1 advisory. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose...

7.2CVSS6.8AI score0.01026EPSS
Exploits4References7
Rows per page
Query Builder