arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution which might allow local users to gain privileges by triggering an NMI.

...

[SECURITY] Fedora 39 Update: kernel-headers-6.7.3-200.fc39

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

[SECURITY] Fedora 39 Update: keyring-ima-signer-0.1.0-11.fc39

The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...

Fedora: Security Advisory for kernel-headers (FEDORA-2023-a7b89262c6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory...

CVE-2023-32804 Mali GPU Userspace Driver can make an Out-of-Bounds access

Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory...

[SECURITY] Fedora 39 Update: kernel-headers-6.6.3-200.fc39

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

ARM Mali GPU Kernel Driver Buffer Error Vulnerability

ARM Mali GPU Kernel Driver is a driver for a graphics processor unit from ARM UK. A security vulnerability exists in the ARM Mali GPU Kernel Driver that originates from out-of-bounds access to the Mali GPU Userspace driver...

kernel: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()

A memory leak vulnerability was found in the VMware graphics driver vmwgfx in the Linux kernel. In vmwmksstataddioctl, when copying the description string from userspace fails with -EFAULT, the allocated page for the instance descriptor is not freed. This leads to memory leakage that can cause...

CVE-2023-46813

An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...

CVE-2023-46813

An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...

DEBIAN-CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

UBUNTU-CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

SUSE CVE-2023-42752

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skbsharedinfo in the userspace, which is exploitable in systems without SMAP protection since skbsharedinfo contains references to function pointers...

PT-2023-5335

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow flaw was found in the Linux kernel, leading to the kernel allocating skb shared info in the userspace. This issue is exploitable in systems without SMAP protection...

Siemens EFI Boot Guard Code Execution Vulnerability

Siemens EFI Boot Guard is a simple UEFI boot loader from Siemens Germany. A code execution vulnerability exists in Siemens EFI Boot Guard versions prior to 0.15, which stems from insufficient input validation and cleanup, and can be exploited by an attacker to execute arbitrary code in privileged...

Siemens EFI Boot Guard 输入验证错误漏洞

Siemens EFI Boot Guard is a simple UEFI boot loader from Siemens Germany. A code execution vulnerability exists in Siemens EFI Boot Guard versions prior to 0.15, which stems from insufficient input validation and cleanup, and can be exploited by an attacker to execute arbitrary code in privileged...

PT-2023-21825 · Qualcomm · Snapdragon +29

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue involves kernel APIs, such as cam mem get cpu buf, where a buffer may remain readable and writable in userspace after being accessed by the kernel. This can lead to a race...