Lucene search
K

42 matches found

Microsoft CVE
Microsoft CVE
added 2026/05/28 8:8 a.m.9 views

ibmasm: fix OOB reads in command_file_write due to missing size checks

...

7.1CVSS5.4AI score0.00139EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:1 a.m.9 views

ibmasm: fix heap over-read in ibmasm_send_i2o_message()

...

7.1CVSS5.4AI score0.00126EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.11 views

SUSE CVE-2026-46022

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 9:42 p.m.22 views

CVE-2026-45994

A flaw was found in the Linux kernel's ibmasm module. This vulnerability, an out-of-bounds read in the commandfilewrite function, allows an attacker to cause the system to read beyond the intended memory boundaries. By manipulating the allocation size and header fields, an attacker can trigger th...

7.1CVSS5.8AI score0.00139EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:26 p.m.10 views

CVE-2026-46022

A flaw was found in the Linux kernel's ibmasm module. A compromised service processor can exploit this by manipulating specific hardware registers, causing the system to read data from an unintended memory location. This out-of-bounds read can lead to a system crash, resulting in a Denial of...

7.1CVSS5.8AI score0.00145EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 6:57 p.m.15 views

CVE-2026-46064

A flaw was found in the Linux kernel's ibmasm module. A local root user can exploit a heap over-read vulnerability within the ibmasmsendi2omessage function. This vulnerability arises from insufficient validation of user-controlled input sizes, allowing the system to read beyond allocated memory...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32290

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

5.9AI score0.00139EPSS
Exploits0References6
NVD
NVD
added 2026/05/27 2:17 p.m.17 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

7.1CVSS0.00126EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46022

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

7.1CVSS0.00145EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-45994

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

7.1CVSS0.00139EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.12 views

UBUNTU-CVE-2026-45994

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

7.1CVSS5.8AI score0.00139EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.45 views

CVE-2026-46064 ibmasm: fix heap over-read in ibmasm_send_i2o_message()

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

0.00126EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

5.8AI score0.00126EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:57 p.m.19 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

7.1CVSS5.8AI score0.00126EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:57 p.m.31 views

CVE-2026-46064

CVE-2026-46064 affects the Linux kernel’s ibmasm_send_i2o_message, where the copy size is derived from user-controlled dot_command_header fields and not validated against allocation size. This can let an attacker perform a heap over-read by memcpy_toio(), reaching up to ~65 KB beyond the allocate...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.15 views

EUVD-2026-32403

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

5.8AI score0.00145EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.46 views

CVE-2026-46022 misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

0.00145EPSS
Exploits0References8
CVE
CVE
added 2026/05/27 12:56 p.m.29 views

CVE-2026-46022

CVE-2026-46022 relates to the Linux kernel code in misc: ibmasm where an OOB MMIO read occurs in ibmasm_handle_mouse_interrupt due to unbounded queue index usage. The root cause is unbounded values from get_queue_reader()/get_queue_writer() fed into get_queue_entry(), producing a potentially inva...

7.1CVSS5.8AI score0.00145EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.11 views

CVE-2026-45994

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

7.1CVSS5.8AI score0.00139EPSS
Exploits0
Rows per page
Query Builder