31 matches found
K80622270: Linux kernel vulnerability CVE-2020-10742
Security Advisory Description A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this...
PT-2025-37875
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ext4 filesystem implementation where the i disksize can exceed i size during partial write operations. This condition can trigger a warning and...
OESA-2022-1791 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translatefail path, leading to an ioreadx or iowritex crash.CVE-2022-35414...
AZL-10110 CVE-2022-35414 affecting package qemu for versions less than 6.2.0-7
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translatefail path, leading to an ioreadx or iowritex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use ca...
CVE-2021-21789
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via...
CVE-2021-21788
Summary: CVE-2021-21788 affects IOBit Advanced SystemCare Ultimate 14.2.0.220, where the driver mishandles Privileged I/O write requests. The vulnerability is triggered via IOCTL 0x9c40a0dc (and related IOCTLs in TALOS analysis), where the first dword of the input buffer selects the device port a...
CVE-2020-10742
A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality...
CVE-2020-13512
A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. Using the IRP 0x9c40a0d8 gives a low privilege user direct access to the OUT instruction that...
NZXT CAM 权限许可和访问控制问题漏洞
NZXT CAM is a performance monitoring software for gaming computers from NZXT USA. The software can be used to manage computer performance, temperature, and devices to ensure that the computer is at optimal performance. NZXT CAM 4.8.0 suffers from a Privilege Permission and Access Control Issues...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The vulnerability exists due to an index buffer overflow during Direct IO write leading to the NFS client to crash...
QEMU - Programmable Interrupt Timer Controller Heap Overflow
Source: https://code.google.com/p/google-security-research/issues/detail?id=419c4 The programmable interrupt timer PIT controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller, allowing both an information disclosure and heap-overflow...