Lucene search
K

48 matches found

RedHat Linux
RedHat Linux
added 2020/07/29 9:45 p.m.4 views

Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...

5.3CVSS7AI score0.00404EPSS
Exploits0References4
Prion
Prion
added 2018/10/07 6:29 a.m.26 views

Design/Logic Flaw

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control with full register control. An attacker ca...

3.6CVSS6.4AI score0.0057EPSS
Exploits0References13Affected Software3
OSV
OSV
added 2018/10/07 6:29 a.m.3 views

DEBIAN-CVE-2018-18021

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control with full register control. An attacker ca...

7.1CVSS7.4AI score0.0057EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/07/26 12:0 a.m.15 views

PT-2018-2205 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel's KVM virtualization subsystem affected versions not specified Description: A flaw in the Linux kernel's KVM virtualization subsystem is related to inadequate access control. The issue is caused by the VMX code not restoring the...

7.8CVSS7.7AI score0.7354EPSS
Exploits1References52
OSV
OSV
added 2018/06/26 2:29 p.m.3 views

DEBIAN-CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in...

5.3CVSS6.3AI score0.01912EPSS
Exploits0References1
OSV
OSV
added 2017/11/16 8:29 p.m.10 views

CVE-2017-1086

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptracelwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure...

3.3CVSS6.3AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2007/10/22 10:52 a.m.10 views

kernel LTC31426-4k page mapping support for userspace in 64k kernels

The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...

1.9CVSS5.8AI score0.0034EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/01/22 5:0 a.m.34 views

CVE-2003-0700

The C-Media PCI sound driver in Linux before 2.4.22 does not use the getuser function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699...

6.2AI score0.01871EPSS
Exploits0References3
Rows per page
Query Builder