57 matches found
SUSE CVE-2025-40266
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
CVE-2025-40266
CVE-2025-40266 : Linux kernel KVM for arm64 fixes an issue where the untrusted offset used in FF-A memory sharing was not properly verified, risking out-of-bounds access in the hypervisor. A patch now verifies the offset to prevent OOB accesses when a large value is provided by the host ([U32_MAX...
EUVD-2025-201191
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
Linux Distros Unpatched Vulnerability : CVE-2025-40266
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large...
EUVD-2025-138880
Malicious code in poglymer-ogihh-ffa npm...
EUVD-2025-18609
Malicious code in bioql PyPI...
Ubuntu 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-7789-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7789-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...
USN-7789-1 linux-oracle-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
USN-7769-2 linux-realtime-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
SUSE CVE-2023-53256
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...
CVE-2023-53256
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...
CVE-2023-53256 firmware: arm_ffa: Fix FFA device names for logical partitions
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...
PT-2025-37697
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a flaw in the arm ffa firmware where the device naming scheme for logical partitions fails to uniquely identify multiple services within a physical partition...
Linux Distros Unpatched Vulnerability : CVE-2025-38043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armffa: Set dmamask for ffa devices Set dmamask for FFA devices, otherwise DMA allocation using the device pointer lead to following warning: WARNING:...
firmware: arm_ffa: Set dma_mask for ffa devices
...
SUSE CVE-2025-38388
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Replace mutex with rwlock to avoid sleep in atomic context The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:...
SUSE CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
DEBIAN-CVE-2025-38374
In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...
UBUNTU-CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
UBUNTU-CVE-2025-38374
In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...