CVE-2023-30440

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

CVE-2023-30440 IBM PowerVM Hypervisor denial of service

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

PT-2023-22694 · Ibm · Ibm Powervm Hypervisor

Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW860.00 through FW860.B3 IBM PowerVM Hypervisor versions FW950.00 through FW950.70 IBM PowerVM Hypervisor versions FW1010.00 through FW1010.50 IBM PowerVM Hypervisor versions FW1020.00 through FW1020.30 IBM...

kernel: ice: Fix call trace with null VSI during VF reset

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...

SUSE CVE-2023-2700

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

AZL-26736 CVE-2023-2700 affecting package libvirt for versions less than 7.10.0-5

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

kernel: ice: Fix call trace with null VSI during VF reset

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...

PT-2025-38197

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's net/mlx5 component related to the handling of E-switch pairing during uplink un/load APIs. Specifically, when transitioning a device from switchdev mo...

SUSE CVE-2005-3392

Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safemode and openbasedir directives...

SUSE CVE-2007-4367

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."...

SUSE CVE-2016-9083

drivers/vfio/pci/vfiopci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service memory corruption or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIODEVICESETIRQS ioctl call, aka a "state...

OpenText Content Suite Platform 代码问题漏洞

OpenText Content Suite Platform is a top-of-the-line enterprise content management ECM system from OpenText. can manage the entire enterprise information lifecycle, from capture to archiving and disposal. A security vulnerability exists in OpenText Content Suite Platform version 22.1, which...

PT-2023-33275 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.161 Description: The issue is related to the initialization of mailbox messages for VF reset. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

PT-2024-11820 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the igb driver, where a mailbox message for VF reset is not properly initialized when a MAC address is no...

PT-2022-36036 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v6.0.8 Description: The issue is related to a spurious interrupt during the removal of a trusted VF. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

kernel: sfc: fix use after free when disabling sriov

In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...

PT-2022-34816 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: The issue concerns the denial of offload of tc-based TSN features on VF interfaces. It was introduced in version v5.5 and fixed in version v5.15.71. The actual impact and attack plausibilit...

kernel: ice: Fix memory corruption in VF driver

In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in VF driver Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it requests a reset. If PF driver assumes that VF is disabled, while VF still has queues configured, VF may...

PT-2024-8455 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the Linux kernel's enetc driver, which allows for the configuration of TSN features through a mix of command BD ring messages and port registers. Howeve...

kernel: ice: Fix memory corruption in VF driver

In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in VF driver Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it requests a reset. If PF driver assumes that VF is disabled, while VF still has queues configured, VF may...