SUSE CVE-2007-4367

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."...

SUSE CVE-2016-9083

drivers/vfio/pci/vfiopci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service memory corruption or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIODEVICESETIRQS ioctl call, aka a "state...

OpenText Content Suite Platform 代码问题漏洞

OpenText Content Suite Platform is a top-of-the-line enterprise content management ECM system from OpenText. can manage the entire enterprise information lifecycle, from capture to archiving and disposal. A security vulnerability exists in OpenText Content Suite Platform version 22.1, which...

PT-2023-33275 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.161 Description: The issue is related to the initialization of mailbox messages for VF reset. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

PT-2024-11820 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the igb driver, where a mailbox message for VF reset is not properly initialized when a MAC address is no...

PT-2022-36036 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v6.0.8 Description: The issue is related to a spurious interrupt during the removal of a trusted VF. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

kernel: sfc: fix use after free when disabling sriov

In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...

PT-2022-34816 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: The issue concerns the denial of offload of tc-based TSN features on VF interfaces. It was introduced in version v5.5 and fixed in version v5.15.71. The actual impact and attack plausibilit...

kernel: ice: Fix memory corruption in VF driver

In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in VF driver Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it requests a reset. If PF driver assumes that VF is disabled, while VF still has queues configured, VF may...

PT-2024-8455 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the Linux kernel's enetc driver, which allows for the configuration of TSN features through a mix of command BD ring messages and port registers. Howeve...

kernel: ice: Fix memory corruption in VF driver

In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in VF driver Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it requests a reset. If PF driver assumes that VF is disabled, while VF still has queues configured, VF may...

Memory corruption

A flaw was found in the Linux kernel. A memory leak problem was found in mbochsioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O VFIO Mediated devices. This flaw could allow a local attacker to leak internal kernel information...

GSD-2022-1004862 sfc: fix kernel panic when creating VF

sfc: fix kernel panic when creating VF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.289 by commit...

GSD-2022-1004793 sfc: fix kernel panic when creating VF

sfc: fix kernel panic when creating VF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.253 by commit...

PT-2025-8655

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A memory corruption issue in the VF driver of the Linux kernel has been resolved. The issue occurred when the VF driver assumed that the VF was disabled while it still had queues...

The vulnerability of the mbochs_ioctl function in the samples / vfio-mdev / mbochs.c file of Linux operating system kernels allows a hacker to gain access to protected information.

The vulnerability of the mbochsioctl function in the samples / vfio-mdev / mbochs.c file of Linux operating system kernels is related to errors in virtual function input/output operations VFIO. Exploiting this vulnerability can allow an attacker to gain access to protected information...

KB3045314 - MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 QFE: July 14, 2015

KB3045314 - MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 QFE: July 14, 2015 Summary This update resolves vulnerabilities in Microsoft SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designe...

Debian DLA-2385-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-3874 Kernel buffers allocated by the SCTP network protocol were not limited by the memory cgroup controller. A local user could potentially us...

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

...

Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...