Lucene search
+L

70 matches found

CVE
CVE
added 2024/09/11 3:13 p.m.89 views

CVE-2024-45027

The CVE-2024-45027 issue affects the Linux kernel XHCI driver: if xhci_mem_init() fails after max_interrupters is set but before interrupters are allocated, xhci_mem_cleanup() can unconditionally dereference xhci->interrupters. The documented fix gates the interrupt freeing loop with a NULL ch...

5.5CVSS5.1AI score0.00206EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2024/08/19 12:45 p.m.28 views

CVE-2024-43856

In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...

4.4CVSS7.2AI score0.00398EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/17 10:15 a.m.16 views

CVE-2024-43856

In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...

5.5CVSS6.3AI score0.00398EPSS
Exploits0References30
CVE
CVE
added 2024/08/17 9:24 a.m.201 views

CVE-2024-43856

CVE-2024-43856 : Linux kernel vulnerability in dmam_free_coherent() where freeing a DMA allocation could race with concurrent allocations to the same vaddr, causing two devres entries to share the same vaddr and possibly free the wrong one. The fix is to destroy the devres entry before freeing th...

5.5CVSS6.5AI score0.00398EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.187 views

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2024:2896-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

9.8CVSS7.2AI score0.02701EPSS
Exploits4References1253
OSV
OSV
added 2024/07/12 1:15 p.m.5 views

UBUNTU-CVE-2024-40923

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...

5.5CVSS6.1AI score0.00288EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2024/07/12 12:32 p.m.18 views

CVE-2024-40979 wifi: ath12k: fix kernel crash during resume

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix kernel crash during resume Currently during resume, QMI target memory is not properly handled, resulting in kernel crash in case DMA remap is not supported: BUG: Bad page state in process kworker/u16:54 pfn:36e8...

6.7AI score0.00255EPSS
Exploits0References2
CVE
CVE
added 2024/07/12 12:32 p.m.101 views

CVE-2024-40979

CVE-2024-40979 describes a Linux kernel issue in the ath12k QMI memory handling during resume. When the module loads, firmware requests large memory segments; if DMA remap is not supported, initial allocations fail and a second attempt uses small segments that succeed. On resume, the driver again...

5.5CVSS6.5AI score0.00255EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/12 12:25 p.m.41 views

CVE-2024-40923 vmxnet3: disable rx data ring on dma allocation failure

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...

0.00288EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/12 12:25 p.m.31 views

CVE-2024-40923 vmxnet3: disable rx data ring on dma allocation failure

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...

6.7AI score0.00288EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/21 1:58 a.m.3 views

SUSE CVE-2024-35994

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

5.5CVSS6.8AI score0.00183EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/05/20 4:24 p.m.27 views

CVE-2024-35994

A vulnerability was found in the Qualcomm firmware driver qcomqseecomuefisecapp in the Linux kernel. It arises from incorrect memory allocation for request and response buffers in the QSEECOM APPSEND command. The driver expects both buffers to be in a single memory region, but they are allocated...

5.5CVSS8.8AI score0.00183EPSS
Exploits0References4
OSV
OSV
added 2024/05/20 10:15 a.m.2 views

DEBIAN-CVE-2024-35994

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

5.5CVSS5.6AI score0.00183EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/05/20 10:15 a.m.21 views

CVE-2024-35994

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

5.5CVSS6.3AI score0.00183EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/05/20 9:47 a.m.25 views

CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...

7.1AI score0.00183EPSS
Exploits0References2
CVE
CVE
added 2024/05/20 9:47 a.m.96 views

CVE-2024-35994

CVE-2024-35994 (Linux kernel, qcom uefisecapp): The vulnerability stems from memory handling in QSEECOM app calls where APP_SEND buffers for request and response were treated as separate regions. The root cause was two consecutive kzalloc() allocations that could yield adjacent memory, causing un...

5.5CVSS6.9AI score0.00183EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/04/17 10:15 a.m.1 views

DEBIAN-CVE-2024-26839

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...

5.5CVSS5.5AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 10:10 a.m.2 views

CVE-2024-26839 IB/hfi1: Fix a memleak in init_credit_return

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.5 views

SUSE CVE-2017-9725

In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail...

5.5CVSS7.7AI score0.01231EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.6 views

SUSE CVE-2018-5332

In the Linux kernel through 3.2, the rdsmessageallocsgs function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write related to the rdsrdmaextrasize function in net/rds/rdma.c...

3.6CVSS6.6AI score0.00425EPSS
Exploits0References15
Rows per page
Query Builder