Lucene search
+L

81 matches found

RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.7 views

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vtioctl subsystem, where the vtsetactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

5.5CVSS7.2AI score0.00306EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.5 views

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vtioctl subsystem, where the vtsetactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

5.5CVSS7.2AI score0.00306EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/09/24 12:0 a.m.7 views

The vulnerability of the array_index_nospec function in the DMA-BUF driver of the Linux operating system allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the arrayindexnospec function in the Linux kernel’s DMA-buf driver is related to a memory leak. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

5.2CVSS6.3AI score0.00257EPSS
Exploits0References16Affected Software4
NVD
NVD
added 2024/09/18 8:15 a.m.26 views

CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

7.1CVSS0.00241EPSS
Exploits0References7
OSV
OSV
added 2024/09/18 8:15 a.m.3 views

DEBIAN-CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

7.1CVSS6.1AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.6 views

UBUNTU-CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

7.1CVSS6.5AI score0.00241EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2024/08/28 2:25 a.m.8 views

SUSE CVE-2024-44931

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.3AI score0.00248EPSS
Exploits0References16
OSV
OSV
added 2024/08/26 11:15 a.m.6 views

AZL-48635 CVE-2024-44931 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.7AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 11:15 a.m.2 views

DEBIAN-CVE-2024-44931

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS5.8AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 11:15 a.m.8 views

UBUNTU-CVE-2024-44931

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References35
SUSE CVE
SUSE CVE
added 2024/08/18 2:2 a.m.11 views

SUSE CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.3CVSS6.5AI score0.00281EPSS
Exploits0References24
OSV
OSV
added 2024/08/17 9:15 a.m.2 views

DEBIAN-CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.5CVSS6AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2024/08/17 9:15 a.m.4 views

UBUNTU-CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.5CVSS6.3AI score0.00281EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2024/07/17 4:19 a.m.7 views

SUSE CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

4.7CVSS6.5AI score0.00306EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2024/07/16 12:15 p.m.5 views

CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

5.5CVSS6.3AI score0.00306EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/07/16 12:15 p.m.1 views

DEBIAN-CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

5.5CVSS5.7AI score0.00306EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/06/22 4:9 a.m.3 views

SUSE CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS7.5AI score0.00257EPSS
Exploits0References12
OSV
OSV
added 2024/06/20 12:15 p.m.2 views

DEBIAN-CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS5.6AI score0.00257EPSS
Exploits0References1
OSV
OSV
added 2024/06/20 12:15 p.m.7 views

UBUNTU-CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS6.3AI score0.00257EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2024/05/23 4:27 p.m.22 views

CVE-2023-52746

In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla; if type XFRMAMAX return -EOPNOTSUPP; @type is then used as an array index and can be used as a Spectre v1 gadget. if nlalennla...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References4
Rows per page
Query Builder