Lucene search
K

662 matches found

ATTACKERKB
ATTACKERKB
added 2022/03/10 8:15 p.m.5 views

CVE-2022-23037

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS5.7AI score0.00351EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/03/10 8:15 p.m.6 views

CVE-2022-23036

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS5.7AI score0.00351EPSS
Exploits0References3
OSV
OSV
added 2022/03/10 8:15 p.m.2 views

UBUNTU-CVE-2022-23037

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.6AI score0.00334EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/03/10 7:20 p.m.71 views

CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.8AI score0.00244EPSS
Exploits0
CVE
CVE
added 2022/03/10 7:20 p.m.203 views

CVE-2022-23039

Linux PV device frontends (blkfront, netfront, scsifront, gntalloc, xenbus) are vulnerable to race conditions in grant-reference handling that can allow a backend to retain access to guest memory after grant removal or reuse, potentially causing data leakage, data corruption, or DoS. The issue sp...

7CVSS7.3AI score0.00351EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/10 7:20 p.m.30 views

CVE-2022-23038

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7.5AI score0.00351EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/03/10 7:20 p.m.44 views

CVE-2022-23037

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.8AI score0.00334EPSS
Exploits0
CVE
CVE
added 2022/03/10 7:20 p.m.211 views

CVE-2022-23036

The Connected Astra Linux entries provide concrete details for CVEs 2022-23036 to 2022-23042 and related entries, describing a shared vulnerability class in Linux PV device frontends. Specifically, blkfront, netfront, scsifront, and the gntalloc driver use grant-table interfaces to remove backend...

7CVSS7.3AI score0.00351EPSS
Exploits0References2Affected Software1
Xen Project
Xen Project
added 2022/03/10 12:0 p.m.66 views

Linux PV device frontends vulnerable to attacks by backends

ISSUE DESCRIPTION Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious...

7CVSS7.3AI score0.00351EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/03/10 12:0 a.m.37 views

CVE-2022-23039

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.5AI score0.00351EPSS
Exploits0References4
Debian
Debian
added 2022/03/09 12:40 p.m.92 views

[SECURITY] [DLA 2940-1] linux security update

Debian LTS Advisory DLA-2940-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 09, 2022 https://wiki.debian.org/LTS Package : linux Version : 4.9.303-1 CVE ID : CVE-2021-3640 CVE-2021-3752 CVE-2021-4002 CVE-2021-4083 CVE-2021-4155 CVE-2021-4202 CVE-2021-28711...

9CVSS7.5AI score0.67994EPSS
Exploits26
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/01 12:0 a.m.59 views

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:0056-1 Rating: important References: 1139944 1151927 1152489 1153275 1154353 1154355 1161907 1164565 1166780 1169514 1176242 1176447 1176536 1176544 1176545 1176546 1176548 1176558 1176559 1176774...

9.1CVSS7AI score0.03615EPSS
Exploits5References79
Tenable Nessus
Tenable Nessus
added 2022/02/18 12:0 a.m.50 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:0477-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0477-1 advisory. - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instruction...

7.8CVSS7.2AI score0.0407EPSS
Exploits4References72
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.31 views

AlmaLinux 8 : sane-backends (ALSA-2021:1744)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1744 advisory. - A NULL pointer dereference in saneiepsonnetread in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cau...

5.5CVSS6.3AI score0.00497EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/01/12 12:0 a.m.42 views

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2022:0056-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0056-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2021-45485: Fixed an information...

7.5CVSS6.8AI score0.03615EPSS
Exploits2References105
OSV
OSV
added 2022/01/05 5:15 p.m.9 views

CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.5CVSS6.9AI score
Exploits0References5
NVD
NVD
added 2022/01/05 5:15 p.m.25 views

CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.5CVSS0.00332EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/01/05 5:15 p.m.2 views

CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.5CVSS5.4AI score0.00332EPSS
Exploits0References6
NVD
NVD
added 2022/01/05 5:15 p.m.27 views

CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.5CVSS0.00332EPSS
Exploits0References5
OSV
OSV
added 2022/01/05 5:15 p.m.0 views

DEBIAN-CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.5CVSS6.4AI score0.00332EPSS
Exploits0References1
Rows per page
Query Builder