Lucene search
K

250 matches found

OSV
OSV
added 2022/03/10 8:15 p.m.4 views

UBUNTU-CVE-2022-23038

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.6AI score0.00359EPSS
Exploits0References5
Prion
Prion
added 2022/03/10 8:15 p.m.27 views

Race condition

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

4.4CVSS6.7AI score0.00359EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/03/10 7:20 p.m.247 views

CVE-2022-23042

CVE-2022-23042 is part of a set describing race-condition vulnerabilities in Linux PV (paravirtualization) grant-table frontends. The Astra Linux advisories summarize that multiple frontends—blkfront, netfront, scsifront, and the gntalloc driver—test whether a grant reference is still in use, and...

7CVSS7.3AI score0.00359EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/03/10 7:20 p.m.71 views

CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.8AI score0.0025EPSS
Exploits0
Cvelist
Cvelist
added 2022/03/10 7:20 p.m.34 views

CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7.5AI score0.00359EPSS
Exploits0References2
CVE
CVE
added 2022/03/10 7:20 p.m.212 views

CVE-2022-23036

The Connected Astra Linux entries provide concrete details for CVEs 2022-23036 to 2022-23042 and related entries, describing a shared vulnerability class in Linux PV device frontends. Specifically, blkfront, netfront, scsifront, and the gntalloc driver use grant-table interfaces to remove backend...

7CVSS7.3AI score0.00359EPSS
Exploits0References2Affected Software1
Xen Project
Xen Project
added 2022/03/10 12:0 p.m.67 views

Linux PV device frontends vulnerable to attacks by backends

ISSUE DESCRIPTION Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious...

7CVSS7.3AI score0.00359EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/03/31 9:3 p.m.6 views

kernel: out of bound read in DVB connexant driver.

A vulnerability was found in the Linux kernel’s CX24116 tv-card driver, where an out of bounds read occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. An attacker could use this flaw to leak kernel private information to userspace...

5.5CVSS7.1AI score0.00416EPSS
Exploits0References4
OSV
OSV
added 2019/04/09 7:47 p.m.22 views

GHSA-926Q-WXR6-3CRQ Moderate severity vulnerability that affects roundup

Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgihandler.py mishandle 404 errors...

6.1CVSS5.8AI score0.01568EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.30 views

Ubuntu 4.10 : imagemagick vulnerability (USN-90-1)

Tavis Ormandy discovered a format string vulnerability in ImageMagick's file name handling. Specially crafted file names could cause a program using ImageMagick to crash, or possibly even cause execution of arbitrary code. Since ImageMagick can be used in custom printing systems, this also might...

7.5CVSS5.9AI score0.04219EPSS
Exploits0References1
Rows per page
Query Builder