478 matches found
Memory corruption
A flaw was found in the Linux kernel. A memory leak problem was found in mbochsioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O VFIO Mediated devices. This flaw could allow a local attacker to leak internal kernel information...
GSD-2022-1004862 sfc: fix kernel panic when creating VF
sfc: fix kernel panic when creating VF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.289 by commit...
GSD-2022-1004793 sfc: fix kernel panic when creating VF
sfc: fix kernel panic when creating VF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.253 by commit...
PT-2025-8655
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A memory corruption issue in the VF driver of the Linux kernel has been resolved. The issue occurred when the VF driver assumed that the VF was disabled while it still had queues...
KB3045314 - MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 QFE: July 14, 2015
KB3045314 - MS15-058: Description of the security update for SQL Server 2008 R2 Service Pack 3 QFE: July 14, 2015 Summary This update resolves vulnerabilities in Microsoft SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designe...
Debian DLA-2385-1 : linux-4.19 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-3874 Kernel buffers allocated by the SCTP network protocol were not limited by the memory cgroup controller. A local user could potentially us...
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
Unspecified vulnerability in Linux kernel (CNVD-2020-33497)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the U.S. VFIO PCI driver is one of the VFIO PCI drivers. A security vulnerability exists in the VFIO PCI driver in Linux kernel 5.6.13 and earlier versions. An attacker can exploit the...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0070)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibl...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0074)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or...
CVE-2019-6256
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...
CVE-2019-6256
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...
kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ
A reachable assertion failure flaw was found in the Linux kernel built with KVM virtualisationCONFIGKVM support with Virtual Function I/O feature CONFIGVFIO enabled. This failure could occur if a malicious guest device sent a virtual interrupt guest IRQ with a larger 1024 index value...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a...
kernel: State machine confusion bug in vfio driver leading to memory corruption
A flaw was discovered in the Linux kernel's implementation of VFIO. An attacker issuing an ioctl can create a situation where memory is corrupted and modify memory outside of the expected area. This may overwrite kernel memory and subvert kernel execution...
Firefox 50.0.2 after the release reuse vulnerability analysis CVE-2016-9899-a vulnerability warning-the black bar safety net
Author: k0shl reprint please indicate the source author blog:http://whereisk0shl. top Preface Small year has passed, New Year rhythm, give you worship a early years, a Happy New Year! Haven't come across such after the release reuse vulnerability, which vulnerability causes is a very classic...
PT-2016-7647 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.8.11 Description: The issue allows local users to bypass integer overflow checks, potentially causing a denial of service memory corruption or having unspecified other impact. This is achieved by leveraging...