607 matches found
USN-8547-1 linux-gcp-5.15, linux-intel-iotg-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
HTTPS Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an RISC-V 64-bit payload from an HTTPS server. dup2 socket in s1, then execve. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule...
TFTP Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an RISC-V 64-bit payload from a TFTP server. dup2 socket in s1, then execve. Listen for a connection Module Options...
FTP Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an RISC-V 64-bit payload from an FTP server. dup2 socket in s1, then execve. Listen for a connection Module Options...
HTTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an RISC-V 64-bit payload from an HTTP server. dup2 socket in s1, then execve. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule inclu...
FTP Fetch, Linux Chmod
Fetch and execute an RISC-V 32-bit payload from an FTP server. Runs chmod on the specified file with specified mode. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux Execute Command
Fetch and execute an RISC-V 32-bit payload from an FTP server. Execute an arbitrary command Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an RISC-V 64-bit payload from an FTP server. Connect back to attacker and spawn a command shell. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an RISC-V 32-bit payload from an FTP server. Listen for a connection and spawn a command shell Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
Byte XORi Encoder
Byte XOR encoder for RISC-V 64-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv64le/bytexori msf encoderbytexori show actions ...actions... m...
XOR Encoder
Dword XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload with a 4-byte XOR key. Module Options msf use encoder/riscv32le/longxor msf encoderlongxor show actions ...actions... msf encoderlongxor set ACTION msf encoderlongxor show options ...show and set options... msf encoderlongxor...
Byte XORi Encoder
Byte XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv32le/bytexori msf encoderbytexori show actions ...actions... m...
USN-8493-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
CVE-2026-53312
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit component for RISC-V architectures. An integer overflow in the invalidation path can lead to an infinite loop. This vulnerability could allow a local attacker to cause a Denial of Service DoS by triggering the overfl...
EUVD-2026-39847
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
CVE-2026-53312 iommu/riscv: Remove overflows on the invalidation path
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
PT-2026-52951
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RISC-V IOMMU invalidation path. Because RISC-V supports sign extended page tables, a gather-end value of ULONG MAX can cause an infinite loop due to an integer...
EUVD-2026-38925
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...
CVE-2026-53057
The CVE-2026-53057 entry describes a Linux kernel IOMMU issue for RISCV: after updating DDT/PDT entries, the system must invalidate TLB and context cache entries. The fix adds riscv_iommu_iodir_iotinval() to perform the required IOTINVAL-based invalidations in accordance with the RISC-V IOMMU spe...
CVE-2026-53057 iommu/riscv: Add IOTINVAL after updating DDT/PDT entries
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...