kernel: virtio-net: tap: mlx5_core short frame denial of service
A denial of service (DoS) attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETH_HLEN...
CVE-2024-33054
CVE-2024-33054 describes memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine in Qualcomm components (notably showing up under the Qualcomm Camera subcomponent). The vulnerability is characterized by a High impact on confidentiality, integrity, an...
CVE-2024-33054 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine...
CVE-2024-44943
A flaw was found in the Linux kernel. This issue involved improperly using the try_grab_folio function in the memory management subsystem and led to failures and kernel warnings during memory pinning in the Contiguous Memory Allocator (CMA) area, especially when starting SEV virtual machines...
CVE-2024-44943
In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing try_grab_folio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...
CVE-2024-44943 mm: gup: stop abusing try_grab_folio
In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing try_grab_folio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...
CVE-2024-44943
CVE-2024-44943 relates to the Linux kernel mm/gup code where pinning folio in CMA memory during SEV VM startup could trigger a warning due to misusing try_grab_folio in both fast and slow paths. The issue stems from the longterm pinning check causing fallback paths to also fail, producing a kerne...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect method being invoked when starting the SEV virtual machine...
CWA-2023-004: Excessive number of function parameters in compiled Wasm
A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts. For more information, see...
PT-2024-40919 · Cosmwasm · Cosmwasm
Name of the Vulnerable Software and Affected Versions: CosmWasm, affected versions not specified. Description: A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract, leading to high memory usage, slowdowns, potentially a crash, and can...
PT-2024-8702 · Bhyve +1 · Bhyve +1
Name of the Vulnerable Software and Affected Versions: bhyve, affected versions not specified. Description: The issue is related to an insufficient boundary validation in the USB code, which could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privilege...
ROS-20240826-26
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240826-27
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
SUSE CVE-2022-48916
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...
UBUNTU-CVE-2022-48943
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvm_arch_can_dequeue_async_page_present to determine whether to deliver a READY event to the Guest. This function te...
SUSE CVE-2022-48890
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvsc_queuecommand maps the scatter/gather list using scsi_dma_map, which in a confidential VM allocates swiotlb bounce buffers. If the I/O submission fails in...
UBUNTU-CVE-2022-48904
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix I/O page table memory leak The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memory leak, and can be...