121 matches found
CVE-2022-48916 iommu/vt-d: Fix double list_add when enabling VMD in scalable mode
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...
UBUNTU-CVE-2024-41085
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxlnvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereference, address:...
DEBIAN-CVE-2022-48790
In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queuerq, in .submitasyncevent drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condition that was observed...
Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get
...
kernel: NULL pointer dereference in nvmet_tcp_build_iovec
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer...
DEBIAN-CVE-2022-48697
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blkmqcompleterequestremote+0xac/0x350 Read of size 4 at addr 0000607bd1835943 by task...
PT-2024-12064 · Lenovo · Smart Edge +2
Name of the Vulnerable Software and Affected Versions: Lenovo Desktop, Smart Edge, and ThinkStation products affected versions not specified Description: A potential issue was reported in the BIOS of some Lenovo products, including Desktop, Smart Edge, and ThinkStation, that could allow a local...
DEBIAN-CVE-2023-6356
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
UBUNTU-CVE-2023-6356
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
kernel: NULL pointer dereference in nvmet_tcp_execute_request
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...
The vulnerability of the __nvmet_reqComplete() function in the drivers/nvme/target/tcp.c file of the Linux NVMe kernel driver allows a hacker to trigger a service failure.
The vulnerability of the nvmetreqComplete function in the drivers/nvme/target/tcp.c file of the Linux NVMe driver kernel involves the assignment of a null pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
kernel: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...
Intel(R) Optane(TM) SSD Security Vulnerability
Intel Optane SSD is a new type of non-volatile memory from Intel Corporation USA. A security vulnerability exists in Intel Optane SSD and Intel Optane SSD DC. Exploitation of this vulnerability by an attacker could result in privilege escalation, information disclosure, or denial of service...
Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses
An issue was discovered in the default implementations of the VolatileMemory::getatomicref, alignedasref, alignedasmut, getref, getarrayref trait functions, which allows out-of-bounds memory access if the VolatileMemory::getslice function returns a VolatileSlice whose length is less than the...
PT-2023-27763 · Vm-Memory +1 · Vm-Memory +1
Name of the Vulnerable Software and Affected Versions: vm-memory versions 0.1.0 through 0.12.1 Description: An issue was discovered in the default implementations of the VolatileMemory::get atomic ref, aligned as ref, aligned as mut, get ref, get array ref trait functions, which allows...
kernel: nvme: fix multipath crash caused by flush request when blktrace is enabled
In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blkkickflush has NULL bio, and it may be dealt with nvmeendreq during io completion. When blktrace is enabled,...
USN-5962-1 linux-intel-iotg vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
K71612511: Kernel vulnerability CVE-2016-8106
Security Advisory Description A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions. CVE-2016-8106 Impact There ...
The vulnerability of the NVMe (Non-Volatile Memory Express) driver for Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the NVMe Non-Volatile Memory Express kernel driver for Linux operating systems is related to insufficient validation of input data during the processing of NVMEIOCTLRESET and NVMEIOCTLSUBSYSRESET requests. Exploiting this vulnerability can allow an attacker to trigger a servi...