CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

287 matches found

RedHat Linux•added 2024/01/30 1:28 p.m.•3 views

kernel: SEV-ES local priv escalation

A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their...

7CVSS7AI score0.00693EPSS

Exploits0References9

Positive Technologies•added 2024/01/29 12:0 a.m.•11 views

PT-2024-5040 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.9 Description: The issue is related to the implementation of the SEV-SNP and SEV-ES protective mechanisms in the Linux kernel, which can be exploited by an untrusted hypervisor to inject virtual interrupts and...

10CVSS6.6AI score0.08555EPSS

Exploits20References1201

RedHat Linux•added 2024/01/25 11:15 a.m.•2 views

kernel: SEV-ES local priv escalation

7CVSS7AI score0.00693EPSS

Exploits0References9

RedHat Linux•added 2024/01/25 11:13 a.m.•2 views

kernel: SEV-ES local priv escalation

7CVSS7AI score0.00693EPSS

Exploits0References9

RedHat Linux•added 2024/01/25 9:45 a.m.•5 views

kernel: SEV-ES local priv escalation

7CVSS6.9AI score0.00693EPSS

Exploits0References9

RedhatCVE•added 2024/01/11 6:30 p.m.•42 views

CVE-2023-20573

A flaw was found in AMD hardware using the Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP feature. This issue may allow a privileged attacker to prevent the delivery of debug exceptions to SEV-SNP guests, potentially resulting in guests not receiving expected debug information...

3.2CVSS3.7AI score0.00289EPSS

Exploits0References4

Debian•added 2024/01/02 9:4 p.m.•37 views

[SECURITY] [DSA 5594-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5594-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 02, 2024 https://www.debian.org/security/faq -...

9.8CVSS9.1AI score0.09141EPSS

Exploits4

Ubuntu•added 2023/12/05 9:59 p.m.•89 views

USN-6533-1: Linux kernel (OEM) vulnerabilities

Tom Dohrmann discovered that the Secure Encrypted Virtualization SEV implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service system crash or possibly...

7CVSS7AI score0.00693EPSS

Exploits0

OSV•added 2023/12/05 9:59 p.m.•4 views

USN-6533-1 linux-oem-6.1 vulnerabilities

7CVSS6.9AI score0.00693EPSS

Exploits0References3

RedHat Linux•added 2023/11/14 3:46 p.m.•1 views

kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.7AI score0.00158EPSS

Exploits0References4

Positive Technologies•added 2023/11/14 12:0 a.m.•7 views

PT-2023-7412 · Amd +7 · Amd Cpus +7

Name of the Vulnerable Software and Affected Versions: AMD CPUs affected versions not specified Description: The issue concerns improper or unexpected behavior of the INVD instruction in some AMD CPUs, potentially allowing an attacker with a malicious hypervisor to affect cache line write-back...

9.8CVSS7.4AI score0.74041EPSS

Exploits11References75

Ubuntu•added 2023/10/24 1:4 p.m.•98 views

USN-6445-2: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8.2AI score0.54577EPSS

Exploits11

OpenVAS•added 2023/10/23 12:0 a.m.•29 views

Mageia: Security Advisory (MGASA-2023-0296)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.00986EPSS

Exploits3References10

Ubuntu•added 2023/10/19 2:55 p.m.•82 views

USN-6416-3: Linux kernel (Raspberry Pi) vulnerabilities

9.1CVSS8AI score0.54577EPSS

Exploits6

Tenable Nessus•added 2023/10/19 12:0 a.m.•47 views

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6416-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6416-3 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

9.1CVSS8.1AI score0.54577EPSS

Exploits6References14

Tenable Nessus•added 2023/10/14 12:0 a.m.•92 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4071-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4071-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

7.8CVSS6.9AI score0.01094EPSS

Exploits4References115

OSV•added 2023/10/10 2:42 p.m.•7 views

SUSE-SU-2023:4035-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem bsc1215861. - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem bsc121586...

7.8CVSS8AI score0.00549EPSS

Exploits4References37