Lucene search
K

185 matches found

OSV
OSV
added 2024/09/12 9:40 a.m.5 views

USN-7003-1 linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gkeop, linux-ibm, linux-kvm, linux-oracle vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. CVE-2024-40902 Several security issues were discovered in the Linux kernel. An attacker could...

7.8CVSS6.5AI score0.00322EPSS
Exploits1References86
OSV
OSV
added 2024/08/22 12:11 p.m.6 views

USN-6972-2 linux-aws, linux-aws-hwe vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

8.8CVSS6.5AI score0.01167EPSS
Exploits0References19
OSV
OSV
added 2024/08/13 6:11 p.m.12 views

USN-6952-2 linux-azure vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

9.8CVSS7.1AI score0.01483EPSS
Exploits3References234
OSV
OSV
added 2024/07/30 10:59 a.m.4 views

USN-6923-2 linux-aws-5.15, linux-ibm, linux-ibm-5.15, linux-raspi vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

8.1CVSS7.1AI score0.00814EPSS
Exploits0References7
OSV
OSV
added 2024/07/30 10:33 a.m.4 views

USN-6921-2 linux-lowlatency vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

7.7CVSS7AI score0.00276EPSS
Exploits0References8
OSV
OSV
added 2024/07/29 10:38 a.m.14 views

USN-6923-1 linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

8.1CVSS7.1AI score0.00814EPSS
Exploits0References7
OSV
OSV
added 2024/07/19 10:36 a.m.17 views

USN-6896-4 linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS6.7AI score0.01635EPSS
Exploits1References148
OSV
OSV
added 2024/04/19 1:51 p.m.4 views

USN-6742-1 linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

7.8CVSS6.5AI score0.02224EPSS
Exploits2References5
OSV
OSV
added 2024/04/19 1:42 p.m.6 views

USN-6741-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

7.8CVSS6.5AI score0.02224EPSS
Exploits2References6
Amazon
Amazon
added 2024/04/01 12:0 a.m.6 views

Medium: kernel

Issue Overview: A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. CVE-2023-52434 In the Linux kernel, the following vulnerabili...

8CVSS7.3AI score0.00983EPSS
Exploits0
OSV
OSV
added 2024/03/20 10:30 p.m.6 views

USN-6702-2 linux-aws, linux-aws-5.4, linux-gcp-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 It was discovered that the ARM Mali Display Processor...

7.8CVSS7.1AI score0.28058EPSS
Exploits16References5
OSV
OSV
added 2024/03/20 1:9 p.m.9 views

USN-6686-4 linux-kvm vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

7.8CVSS6.9AI score0.01657EPSS
Exploits0References10
OSV
OSV
added 2024/02/14 8:1 a.m.9 views

USN-6608-2 linux-nvidia-6.2 vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

7.8CVSS6.9AI score0.00843EPSS
Exploits2References6
OSV
OSV
added 2024/01/09 6:4 p.m.5 views

USN-6572-1 linux-azure vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Bien Pham discovered that the netfiler subsystem in the Linux...

7.8CVSS6.8AI score0.0047EPSS
Exploits0References6
OSV
OSV
added 2023/12/06 1:55 p.m.3 views

USN-6537-1 linux-gcp vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

8.8CVSS6.9AI score0.09141EPSS
Exploits3References12
OSV
OSV
added 2023/12/06 1:34 p.m.6 views

USN-6536-1 linux, linux-aws, linux-laptop, linux-lowlatency, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

8.8CVSS6.9AI score0.09141EPSS
Exploits3References7
OSV
OSV
added 2023/11/30 5:24 p.m.7 views

USN-6496-2 linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15 vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.1AI score0.00978EPSS
Exploits0References4
OSV
OSV
added 2023/10/31 9:14 p.m.6 views

USN-6464-1 linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-oracle, linux-raspi, linux-starfive vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

9.1CVSS7.2AI score0.54577EPSS
Exploits1References12
OSV
OSV
added 2023/09/05 9:49 p.m.4 views

USN-6338-1 linux, linux-aws, linux-aws-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

9.8CVSS7AI score0.0406EPSS
Exploits0References12
OSV
OSV
added 2023/05/30 1:55 p.m.5 views

USN-6118-1 linux-oracle, linux-oracle-5.4 vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7AI score0.00635EPSS
Exploits0References9
Rows per page
Query Builder