Lucene search
K

57 matches found

SUSE CVE
SUSE CVE
added 2025/12/05 12:25 a.m.5 views

SUSE CVE-2025-40266

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...

6.6CVSS6.7AI score0.00162EPSS
Exploits0References7
CVE
CVE
added 2025/12/04 4:8 p.m.26 views

CVE-2025-40266

CVE-2025-40266 : Linux kernel KVM for arm64 fixes an issue where the untrusted offset used in FF-A memory sharing was not properly verified, risking out-of-bounds access in the hypervisor. A patch now verifies the offset to prevent OOB accesses when a large value is provided by the host ([U32_MAX...

6.3AI score0.00162EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/04 4:8 p.m.5 views

EUVD-2025-201191

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...

6.2AI score0.00162EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-40266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large...

6.3AI score0.00162EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/12 7:18 p.m.5 views

EUVD-2025-138880

Malicious code in poglymer-ogihh-ffa npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-18609

Malicious code in bioql PyPI...

7.6AI score0.0016EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/10/02 12:0 a.m.13 views

Ubuntu 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-7789-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7789-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

7.8CVSS7.5AI score0.01345EPSS
Exploits8References184
OSV
OSV
added 2025/10/01 1:59 p.m.9 views

USN-7789-1 linux-oracle-6.14 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

7.8CVSS6.6AI score0.01345EPSS
Exploits8References185
OSV
OSV
added 2025/09/24 3:20 p.m.12 views

USN-7769-2 linux-realtime-6.14 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

7.8CVSS6.6AI score0.01345EPSS
Exploits8References184
SUSE CVE
SUSE CVE
added 2025/09/15 11:27 p.m.5 views

SUSE CVE-2023-53256

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...

6.2AI score0.00136EPSS
Exploits0References3
NVD
NVD
added 2025/09/15 3:15 p.m.7 views

CVE-2023-53256

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...

5.5CVSS0.00136EPSS
Exploits0References4
OSV
OSV
added 2025/09/15 2:46 p.m.5 views

CVE-2023-53256 firmware: arm_ffa: Fix FFA device names for logical partitions

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.3 views

PT-2025-37697

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a flaw in the arm ffa firmware where the device naming scheme for logical partitions fails to uniquely identify multiple services within a physical partition...

6.1AI score0.00136EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2025-38043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armffa: Set dmamask for ffa devices Set dmamask for FFA devices, otherwise DMA allocation using the device pointer lead to following warning: WARNING:...

5.5CVSS6.8AI score0.0016EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/08/06 7:0 a.m.3 views

firmware: arm_ffa: Set dma_mask for ffa devices

...

6.5CVSS7.4AI score0.0016EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/07/29 11:24 p.m.7 views

SUSE CVE-2025-38388

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Replace mutex with rwlock to avoid sleep in atomic context The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:...

5.5CVSS6.4AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/07/25 11:23 p.m.3 views

SUSE CVE-2025-38390

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...

5.5CVSS6.6AI score0.00154EPSS
Exploits0References9
OSV
OSV
added 2025/07/25 1:15 p.m.1 views

DEBIAN-CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS5.3AI score0.00145EPSS
Exploits0References1
OSV
OSV
added 2025/07/25 1:15 p.m.2 views

UBUNTU-CVE-2025-38390

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References28
OSV
OSV
added 2025/07/25 1:15 p.m.4 views

UBUNTU-CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References28
Rows per page
Query Builder