42 matches found
SUSE CVE-2024-47685
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...
DEBIAN-CVE-2024-47685
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...
UBUNTU-CVE-2024-47685
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...
kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor
A vulnerability was found in the usbparseendpoint function in the Linux kernel's usb drivers, where improper handling of the reserved bits in an endpoint descriptor's bEndpointAddress field can lead to confusion in the endpointisduplicate routine in config.c. This will erroneously treat the same...
kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor
A vulnerability was found in the usbparseendpoint function in the Linux kernel's usb drivers, where improper handling of the reserved bits in an endpoint descriptor's bEndpointAddress field can lead to confusion in the endpointisduplicate routine in config.c. This will erroneously treat the same...
SUSE CVE-2024-41035
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...
DEBIAN-CVE-2024-41035
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...
UBUNTU-CVE-2024-41035
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...
CVE-2024-41035
CVE-2024-41035 (Linux kernel USB core) : A duplicate-endpoint bug in usbcore was caused by assuming bEndpointAddress reserved bits are always 0, making endpoint_is_duplicate() misclassify descriptors that share direction and endpoint number. The fix clears the reserved bits when parsing endpoint ...
CVE-2024-41035 USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the assumption that reserved bits are always 0 when parsing endpoint descriptors, which could lead to incorrectl...
SUSE CVE-2012-3494
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
GSD-2022-1002482 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.311 by commit...
GSD-2022-1002202 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...
GSD-2022-1002018 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.111 by commit...
GSD-2022-1001743 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.34 by commit...
GSD-2022-1001420 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...
GSD-2022-1001091 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...
OracleVM 3.1 : xen (OVMSA-2012-0039)
The remote OracleVM system is missing necessary patches to address critical security updates : - console: bounds check whenever changing the cursor due to an escape code The device model used by fully virtualised HVM domains, qemu, does not properly handle escape VT100 sequences when emulating...
hypercall set_debugreg vulnerability
ISSUE DESCRIPTION setdebugreg allows writes to reserved bits of the DR7 debug control register on x86-64. IMPACT A malicious guest can cause the host to crash, leading to a DoS. If the vulnerable hypervisor is run on future hardware, the impact of the vulnerability might be widened depending on t...