UBUNTU-CVE-2022-2153

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...

CVE-2022-1263

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

CVE-2022-1263

CVE-2022-1263 is a Linux kernel KVM NULL pointer dereference bug that triggers when releasing a vCPU with dirty ring support enabled. An unprivileged local attacker on the host can issue specific ioctl calls to cause a kernel oops and DoS. Public advisories (e.g., Amazon Linux 2 ALAS2KERNEL-5.15-...

CVE-2022-1263

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

GSD-2022-1002801 media: i2c: max9286: fix kernel oops when removing module

media: i2c: max9286: fix kernel oops when removing module This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

UBUNTU-CVE-2022-1263

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.

...

UBUNTU-CVE-2021-4095

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVMXENHVMSETATTR ioctl. This fl...

PT-2021-8162 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null pointer dereference in the i40e component of the Linux kernel. This occurs when synchronizing VSI filters, potentially allowing an attacker to cause a...

SUSE: Security Advisory (SUSE-SU-2018:3332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: dereferencing NULL payload with nonzero length

A flaw was found in the implementation of associative arrays where the addkey systemcall and KEYCTLUPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer...

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service. A local user is able to crash the process in a divide-by-zero error and kernel oops by reading TCP stats...

openSUSE Security Update : xen (openSUSE-2019-1046) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

openSUSE Security Update : xen (openSUSE-2018-1624) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

openSUSE Security Update : xen (openSUSE-2018-1331) (Foreshadow)

This update for xen fixes the following issues : XEN was updated to the Xen 4.9.3 bug fix only release bsc1027519 - CVE-2018-17963: qemudeliverpacketiov accepted packet sizes greater than INTMAX, which allows attackers to cause a denial of service or possibly have unspecified other impact...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:3490-1) (Foreshadow)

This update for xen fixes the following issues : XEN was updated to the Xen 4.9.3 bug fix only release bsc1027519 CVE-2018-17963: qemudeliverpacketiov accepted packet sizes greater than INTMAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. bsc11110...

SUSE SLES12 Security Update : xen (SUSE-SU-2018:3332-1)

This update for xen fixes the following issues : CVE-2018-17963: qemudeliverpacketiov accepted packet sizes greater than INTMAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. bsc1111014 CVE-2018-15468: The DEBUGCTL MSR contains several debugging...

UBUNTU-CVE-2018-13094

An issue was discovered in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfsdashrinkinode is called with a NULL bp...

Linux kernel memory misreference vulnerability (CNVD-2018-16259)

Linux kernel is the kernel used by Linux, an open source operating system released by the Linux Foundation in the U.S. The ntfs.ko filesystem driver is one of the drivers that supports the NTFS filesystem. A memory misreference vulnerability exists in the 'ntfsreadlockedinode' function of the...

CVE-2018-12930

ntfsendbufferasyncread in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service kernel oops or panic or possibly have unspecified other impact via a crafted ntfs filesystem...