SUSE CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

DEBIAN-CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

AZL-11441 CVE-2022-3872 affecting package qemu for versions less than 6.2.0-12

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

UBUNTU-CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

CVE-2022-3872

CVE-2022-3872 — QEMU SDHCI off-by-one read/write : A vulnerability in the SDHCI device (Buffer Data Port Register) when data_count == block_size, exploitable by a malicious guest to crash the QEMU process on the host, causing denial of service. Affected component: QEMU SDHCI read_dataport/write_d...

Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update)

...

Qualcomm 多款产品输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in...

CVE-2021-45971

An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...

RHEL 7 : microcode_ctl (RHSA-2021:3255)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3255 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

Github ced 输入验证错误漏洞

Github ced is a software application. Character encoding is detected using Google's compactencdet library. An Input Validation Error vulnerability exists in Github ced that stems from the product not doing valid validation of user input data types. An attacker could cause a Nodejs process to cras...

RHEL 7 : microcode_ctl (RHSA-2021:3029)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3029 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

CentOS: Security Advisory for microcode_ctl (CESA-2021:3028)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

RHEL 7 : microcode_ctl (RHSA-2021:3028)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3028 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

CentOS 7 : microcode_ctl (CESA-2021:3028)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3028 advisory. - hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 - hw: Vector Register Data Sampling CVE-2020-0548 - hw: L1D Cache Eviction Sampling...

CVE-2021-1614

A vulnerability in the Multiprotocol Label Switching MPLS packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of malformed MPLS packets that...

SUSE: Security Advisory (SUSE-SU-2019:1248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...