Lucene search
K

135 matches found

Vulnrichment
Vulnrichment
added 2024/09/18 7:12 a.m.15 views

CVE-2024-46774 powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

6.9AI score0.00241EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/08/16 12:0 a.m.54 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2024:2923-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2923-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

7.8CVSS7.1AI score0.00872EPSS
Exploits0References86
OSV
OSV
added 2024/08/14 7:25 a.m.23 views

SUSE-SU-2024:2902-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name bsc1227716. - CVE-2024-41069: ASoC: topology: Fix route memory corruption bsc1228644. -...

8.4CVSS8.3AI score0.00915EPSS
Exploits4References405
OSV
OSV
added 2024/08/13 2:6 p.m.23 views

SUSE-SU-2024:2893-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name bsc1227716. - CVE-2024-41069: ASoC: topology: Fix route memory corruption bsc1228644. -...

7.8CVSS8AI score0.00306EPSS
Exploits1References53
Positive Technologies
Positive Technologies
added 2024/06/28 12:0 a.m.7 views

PT-2024-32189

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the prevention of Spectre v1 gadget construction in the sys rtas function. The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as...

7.5CVSS5.8AI score0.00241EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/04/17 7:53 p.m.24 views

CVE-2024-26847

A flaw was found in the Linux Kernel. Wrong spelling in the RTAS function table can cause reverse lookups yo fail and warn 'unexpected failed lookup for token' due to function names being used for resetting TCE tables. Linux kernel errors are possible when lockdep is enabled or the RTAS tracepoin...

3.3CVSS4.8AI score0.0024EPSS
Exploits0References4
NVD
NVD
added 2024/04/17 11:15 a.m.19 views

CVE-2024-26847

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS6.5AI score0.0024EPSS
Exploits0References3
OSV
OSV
added 2024/04/17 11:15 a.m.2 views

DEBIAN-CVE-2024-26847

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS5AI score0.0024EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 a.m.41 views

CVE-2024-26847

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS5.8AI score0.0024EPSS
Exploits0References5
OSV
OSV
added 2024/04/17 11:15 a.m.2 views

UBUNTU-CVE-2024-26847

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS5.7AI score0.0024EPSS
Exploits0References6
CVE
CVE
added 2024/04/17 10:14 a.m.74 views

CVE-2024-26847

CVE-2024-26847 concerns the Linux kernel on POWER platforms where RTAS function names were spelled inconsistently. The PAPR-specified name is ibm,reset-pe-dma-windows, but firmware in practice used ibm,reset-pe-dma-window in the device tree. This mismatch caused reverse lookups (token -> name)...

5.1CVSS6.7AI score0.0024EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/04/17 10:14 a.m.24 views

CVE-2024-26847 powerpc/rtas: use correct function name for resetting TCE tables

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

6.8AI score0.0024EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/04/17 10:14 a.m.20 views

CVE-2024-26847

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS4.2AI score0.0024EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/04/17 10:14 a.m.20 views

CVE-2024-26847 powerpc/rtas: use correct function name for resetting TCE tables

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

6.9AI score0.0024EPSS
Exploits0References3
OSV
OSV
added 2024/04/17 10:14 a.m.5 views

CVE-2024-26847 powerpc/rtas: use correct function name for resetting TCE tables

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

5.1CVSS4.7AI score0.0024EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/19 12:0 a.m.4 views

PT-2024-7683 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc4 Description: The vulnerability is caused by the incorrect spelling of a function name in the RTAS function table, leading to failed reverse lookups and warnings. The PAPR spec spells the function name ...

5.1CVSS6.6AI score0.0024EPSS
Exploits0References22
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.72 views

K61294700: Linux kernel vulnerability CVE-2020-27777

Security Advisory Description A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further...

7.2CVSS6.5AI score0.00506EPSS
Exploits1Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.6 views

SUSE CVE-2020-27777

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...

6.4CVSS6.5AI score0.00506EPSS
Exploits1References41
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.3 views

SUSE CVE-2021-37576

arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtasargs.nargs, aka CID-f62f3c20647e...

8.4CVSS6.5AI score0.00575EPSS
Exploits1References36
OSV
OSV
added 2023/01/17 7:29 p.m.7 views

GSD-2023-1001540 powerpc/rtas: avoid scheduling in rtas_os_term()

powerpc/rtas: avoid scheduling in rtasosterm This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder