12 matches found
CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
CVE-2026-57851
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
Xen: x86 HVM I/O Port List Traversal (XSA-491)
HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses therefore needs...
CVE-2025-1272 Kernel: secure boot does not automatically enable kernel lockdown
The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...
CVE-2025-1272
Summary (CVE-2025-1272) : The Fedora Linux kernel lockdown mode for kernels starting with 6.12 is reported to be disabled without warning, enabling potential exposure of sensitive kernel data (memory mappings, I/O ports, BPF, and kprobes) and allowing unsigned modules to load, which could break S...
VulnCheck KEV: CVE-2018-19322
The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges...
PT-2020-13118
Name of the Vulnerable Software and Affected Versions: G.SKILL Trident Z Lighting Control versions 1.00.08 and earlier Description: The issue allows local non-privileged users to access sensitive operations, including mapping and un-mapping of physical memory, reading and writing to Model Specifi...
PT-2019-3247 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.4 Description: The issue is related to a use-after-free error in the Linux kernel, specifically in the ipmi si module, which can be exploited to execute arbitrary code or cause a denial of service. This is d...
qemu: incorrect banked access bounds checking in vga module
An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...
qemu: incorrect banked access bounds checking in vga module
An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...
kernel: kvm: reporting emulation failures to userspace
It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...
kernel: kvm: reporting emulation failures to userspace
It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...