50 matches found
CVE-2025-38429
The CVE-2025-38429 issue affects the Linux kernel’s bus: mhi: ep path. Root cause: in mhi_ep_ring_add_element, the read pointer (rd_offset) was advanced before the corresponding buffer write, allowing a race where the host could observe an updated read pointer prior to the element being fully wri...
CVE-2025-38429
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Update read pointer only after buffer is written Inside mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written, potentially causing race conditions where the host sees an updated read...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a premature update of the read pointer by the mhi ep bus module, which could lead to data corruption...
CVE-2025-46716 Sandboxie Arbitrary Kernel Read in SbieDrv.sys API (API_SET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiSetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to read...
SUSE CVE-2024-58019
In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...
DEBIAN-CVE-2024-58019
In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...
UBUNTU-CVE-2024-58019
In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...
CVE-2024-58019 nvkm/gsp: correctly advance the read pointer of GSP message queue
In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from incorrectly advancing the read pointer to the GSP message queue in nvkm...
kernel: wifi: iwlwifi: read txq->read_ptr under lock
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
kernel: wifi: iwlwifi: read txq->read_ptr under lock
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
kernel: wifi: iwlwifi: read txq->read_ptr under lock
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
kernel: wifi: iwlwifi: read txq->read_ptr under lock
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
SUSE CVE-2024-36922
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
AZL-68063 CVE-2024-36922 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
UBUNTU-CVE-2024-36922
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...
SUSE CVE-2023-52494
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "isvalidringptr" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned...
DEBIAN-CVE-2023-52494
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "isvalidringptr" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned...
UBUNTU-CVE-2023-52494
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "isvalidringptr" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unaligned event ring read pointer, leading to issues such as a denial of service DoS or ring buffer memor...