Lucene search
K

26 matches found

OSV
OSV
added 2026/02/04 11:12 p.m.1 views

GHSA-4JVR-VJ2C-8Q37 EVE Seals Vault Key With SHA1 PCRs

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

6.7CVSS5.3AI score0.0011EPSS
Exploits0References5
NVD
NVD
added 2026/01/13 4:16 p.m.10 views

CVE-2025-71077

In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2getpcrallocation does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only limited harm...

5.5CVSS0.00123EPSS
Exploits0References7
OSV
OSV
added 2025/12/01 8:49 p.m.5 views

CLSA-2025-1764614196 tpm2-tools: Fix of CVE-2024-29039

CVE-2024-29039: add comparison of pcr selection to prevent misleading picture of the TPM state...

9CVSS5.8AI score0.00984EPSS
Exploits1References1
Snyk
Snyk
added 2025/11/12 8:45 p.m.1 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via incomplete validation of attestation documents in the attestation verification process. An attacker can cause clients to trust enclaves that do not meet expected integrity guarantees ...

9.3CVSS6.5AI score0.00124EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/12 8:45 p.m.1 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via incomplete validation of attestation documents in the attestation verification process. An attacker can cause clients to trust enclaves that do not meet expected integrity guarantees ...

9.3CVSS6.5AI score0.00124EPSS
Exploits1References2
NVD
NVD
added 2025/11/12 11:15 a.m.5 views

CVE-2025-40122

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix IA32PMCxCFGB MSRs access error When running perffuzzer on PTL, sometimes the below "unchecked MSR access error" is seen when accessing IA32PMCxCFGB MSRs. 55.611268 unchecked MSR access error: WRMSR to 0x1986...

0.00162EPSS
Exploits0References2
OSV
OSV
added 2025/10/22 1:23 p.m.6 views

CVE-2022-50558 regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

6.3AI score0.00193EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 6:5 a.m.5 views

CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

6.1CVSS6.5AI score0.00733EPSS
Exploits0References1
NVD
NVD
added 2024/09/04 8:15 p.m.23 views

CVE-2024-44993

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix out-of-bounds read in v3dcsdjobrun When enabling UBSAN on Raspberry Pi 5, we get the following warning: 387.894977 UBSAN: array-index-out-of-bounds in drivers/gpu/drm/v3d/v3dsched.c:320:3 387.903868 index 7 is out of...

7.1CVSS0.00199EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/09/04 8:15 p.m.14 views

CVE-2024-44993

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix out-of-bounds read in v3dcsdjobrun When enabling UBSAN on Raspberry Pi 5, we get the following warning: 387.894977 UBSAN: array-index-out-of-bounds in drivers/gpu/drm/v3d/v3dsched.c:320:3 387.903868 index 7 is out of...

7.1CVSS6.6AI score0.00199EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/09/04 7:54 p.m.24 views

CVE-2024-44993 drm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()`

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix out-of-bounds read in v3dcsdjobrun When enabling UBSAN on Raspberry Pi 5, we get the following warning: 387.894977 UBSAN: array-index-out-of-bounds in drivers/gpu/drm/v3d/v3dsched.c:320:3 387.903868 index 7 is out of...

0.00199EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/04/10 2:16 a.m.2 views

SUSE CVE-2024-26730

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

7CVSS6.5AI score0.00245EPSS
Exploits0References3
OSV
OSV
added 2024/04/03 5:15 p.m.3 views

DEBIAN-CVE-2024-26730

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

7CVSS5.4AI score0.00245EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/03 5:15 p.m.24 views

CVE-2024-26730

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

7CVSS5.9AI score0.00245EPSS
Exploits0References5
CVE
CVE
added 2024/04/03 5:0 p.m.83 views

CVE-2024-26730

The CVE-2024-26730 entry concerns the Linux kernel hwmon/nct6775 driver. The vulnerability arises from a mismatch between the number of temperature configuration registers and the total temperature registers, which can trigger out-of-bounds access (KASAN) in nct6775_probe/nct6775_core. The issue ...

7CVSS6.6AI score0.00245EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/04/03 5:0 p.m.27 views

CVE-2024-26730

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

7CVSS5.8AI score0.00245EPSS
Exploits0
OSV
OSV
added 2024/04/03 5:0 p.m.11 views

CVE-2024-26730 hwmon: (nct6775) Fix access to temperature configuration registers

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASA...

7CVSS5.4AI score0.00245EPSS
Exploits0References6
OSV
OSV
added 2024/02/27 7:15 a.m.1 views

DEBIAN-CVE-2021-46917

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. Use wq reset command instead of blasting the MMIO region. Th...

5.5CVSS5.6AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2024/02/27 7:15 a.m.2 views

UBUNTU-CVE-2021-46917

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. Use wq reset command instead of blasting the MMIO region. Th...

5.5CVSS6.6AI score0.00225EPSS
Exploits0References6
NVD
NVD
added 2023/10/19 8:15 p.m.29 views

CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...

5.3CVSS4.9AI score0.00212EPSS
Exploits0References2
Rows per page
Query Builder