Lucene search
K

42 matches found

SUSE CVE
SUSE CVE
added 2024/10/21 3:47 p.m.7 views

SUSE CVE-2024-47685

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

6.5CVSS6.5AI score0.01367EPSS
Exploits0References21
OSV
OSV
added 2024/10/21 12:15 p.m.4 views

DEBIAN-CVE-2024-47685

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

9.1CVSS6AI score0.01367EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 12:15 p.m.5 views

UBUNTU-CVE-2024-47685

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

9.1CVSS6.3AI score0.01367EPSS
Exploits0References49
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor

A vulnerability was found in the usbparseendpoint function in the Linux kernel's usb drivers, where improper handling of the reserved bits in an endpoint descriptor's bEndpointAddress field can lead to confusion in the endpointisduplicate routine in config.c. This will erroneously treat the same...

5.5CVSS7.1AI score0.00299EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.4 views

kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor

A vulnerability was found in the usbparseendpoint function in the Linux kernel's usb drivers, where improper handling of the reserved bits in an endpoint descriptor's bEndpointAddress field can lead to confusion in the endpointisduplicate routine in config.c. This will erroneously treat the same...

5.5CVSS7.1AI score0.00299EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/08/06 2:1 a.m.4 views

SUSE CVE-2024-41035

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...

5.5CVSS6.4AI score0.00299EPSS
Exploits0References17
OSV
OSV
added 2024/07/29 3:15 p.m.2 views

DEBIAN-CVE-2024-41035

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...

5.5CVSS5.8AI score0.00299EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.3 views

UBUNTU-CVE-2024-41035

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...

5.5CVSS6.2AI score0.00299EPSS
Exploits0References33
CVE
CVE
added 2024/07/29 2:31 p.m.5807 views

CVE-2024-41035

CVE-2024-41035 (Linux kernel USB core) : A duplicate-endpoint bug in usbcore was caused by assuming bEndpointAddress reserved bits are always 0, making endpoint_is_duplicate() misclassify descriptors that share direction and endpoint number. The fix clears the reserved bits when parsing endpoint ...

5.5CVSS6.5AI score0.00299EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/29 2:31 p.m.15 views

CVE-2024-41035 USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore see the Closes: tag below caused by our assumption that the reserved bits in an endpoint descriptor's...

6.7AI score0.00299EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the assumption that reserved bits are always 0 when parsing endpoint descriptors, which could lead to incorrectl...

5.5CVSS6.5AI score0.00299EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.4 views

SUSE CVE-2012-3494

The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...

2.1CVSS6.2AI score0.00437EPSS
Exploits0References12
OSV
OSV
added 2022/04/24 10:53 p.m.11 views

GSD-2022-1002482 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs

KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.311 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 10:21 p.m.8 views

GSD-2022-1002202 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs

KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 10:3 p.m.9 views

GSD-2022-1002018 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs

KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.111 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:38 p.m.10 views

GSD-2022-1001743 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs

KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.34 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:11 p.m.8 views

GSD-2022-1001420 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs

KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 8:44 p.m.16 views

GSD-2022-1001091 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs

KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.42 views

OracleVM 3.1 : xen (OVMSA-2012-0039)

The remote OracleVM system is missing necessary patches to address critical security updates : - console: bounds check whenever changing the cursor due to an escape code The device model used by fully virtualised HVM domains, qemu, does not properly handle escape VT100 sequences when emulating...

7.2CVSS7.7AI score0.00528EPSS
Exploits1References5
Xen Project
Xen Project
added 2012/09/05 7:38 a.m.8 views

hypercall set_debugreg vulnerability

ISSUE DESCRIPTION setdebugreg allows writes to reserved bits of the DR7 debug control register on x86-64. IMPACT A malicious guest can cause the host to crash, leading to a DoS. If the vulnerable hypervisor is run on future hardware, the impact of the vulnerability might be widened depending on t...

2.1CVSS7.2AI score0.00437EPSS
Exploits0
Rows per page
Query Builder