Lucene search
K

1544 matches found

OSV
OSV
added 2024/06/19 3:15 p.m.14 views

CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

7.8CVSS6.7AI score
Exploits0References2
OSV
OSV
added 2024/06/19 3:15 p.m.5 views

DEBIAN-CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

7.8CVSS5.3AI score0.00214EPSS
Exploits0References1
OSV
OSV
added 2024/06/19 3:15 p.m.3 views

UBUNTU-CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

7.8CVSS5.7AI score0.00214EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/06/19 3:15 p.m.16 views

CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

7.8CVSS5.8AI score0.00214EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/19 2:58 p.m.10 views

CVE-2021-47613 i2c: virtio: fix completion handling

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

7.1AI score0.00214EPSS
Exploits0References2
CVE
CVE
added 2024/06/19 2:58 p.m.74 views

CVE-2021-47613

CVE-2021-47613 concerns a Linux kernel i2c virtio issue where the notify callback could run before all buffers are completed, risking incorrect I2C data or guest memory corruption. The confirmed fix is to call virtio_get_buf() from the notify handler (as in other virtio drivers) and to wait for a...

7.8CVSS7.7AI score0.00214EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/19 2:58 p.m.34 views

CVE-2021-47613 i2c: virtio: fix completion handling

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

0.00214EPSS
Exploits0References2
OSV
OSV
added 2024/06/19 2:15 p.m.2 views

DEBIAN-CVE-2024-38555

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

7.8CVSS5.5AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2024/06/19 2:15 p.m.2 views

DEBIAN-CVE-2024-38545

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xalock to protect the CQ...

7.8CVSS5.9AI score0.00252EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/19 2:15 p.m.16 views

CVE-2024-38555

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

7.8CVSS6.4AI score0.00258EPSS
Exploits0References20
OSV
OSV
added 2024/06/19 2:15 p.m.7 views

UBUNTU-CVE-2024-38544

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

6.3CVSS6.2AI score0.00248EPSS
Exploits0References31
Cvelist
Cvelist
added 2024/06/19 1:35 p.m.24 views

CVE-2024-38555 net/mlx5: Discard command completions in internal error

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

0.00258EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/06/19 1:35 p.m.16 views

CVE-2024-38555 net/mlx5: Discard command completions in internal error

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

7AI score0.00258EPSS
Exploits0References7
OSV
OSV
added 2024/06/19 1:35 p.m.16 views

CVE-2024-38555 net/mlx5: Discard command completions in internal error

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command...

7.8CVSS6.3AI score0.00258EPSS
Exploits0References10
CVE
CVE
added 2024/06/19 1:35 p.m.127 views

CVE-2024-38556

CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...

7.8CVSS6.7AI score0.00259EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2024/06/18 8:15 p.m.20 views

CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

5.5CVSS6.2AI score0.00212EPSS
Exploits0References12
OSV
OSV
added 2024/06/18 8:15 p.m.2 views

UBUNTU-CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

5.5CVSS6AI score0.00212EPSS
Exploits0References13
OSV
OSV
added 2024/06/15 12:0 a.m.6 views

OPENSUSE-SU-2024:13939-1 python-tqdm-bash-completion-4.66.4-1.1 on GA media

These are all security issues fixed in the python-tqdm-bash-completion-4.66.4-1.1 package on the GA media of openSUSE Tumbleweed...

4.8CVSS5.2AI score0.00432EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/04 12:0 a.m.14 views

PT-2024-31337

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50 Description The issue arises in the net/mlx5e component of the Linux kernel, specifically with the SHAMPO feature. When all strides in a Work Queue Element WQE are consumed, the WQE is unlinked from the Wo...

5.5CVSS5.4AI score0.0021EPSS
Exploits0
OSV
OSV
added 2024/05/30 4:15 p.m.3 views

DEBIAN-CVE-2024-36930

In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spisync If spisync is called with the non-empty queue and the same spimessage is then reused, the complete callback for the message remains set while the context is cleared, leading to a...

5.5CVSS6AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder