CVE-2024-46792 riscv: misaligned: Restrict user access to kernel memory

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory rawcopyto,fromuser do not call accessok, so this code allowed userspace to access any virtual memory address...

CVE-2024-46792

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory rawcopyto,fromuser do not call accessok, so this code allowed userspace to access any virtual memory address...

PT-2024-7500 · Realtek · Realtek Sd Card Reader Driver

Name of the Vulnerable Software and Affected Versions: Realtek SD card reader driver versions prior to 10.0.26100.21374 Description: The issue is related to a buffer overflow in the RtsPer.sys driver, which can be exploited by an attacker to write to arbitrary kernel memory locations. This can be...

CVE-2024-45181

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption...

CVE-2024-45181

The vulnerability CVE-2024-45181 affects WIBU-SYSTEMS WibuKey64.sys in WibuKey prior to v6.70 and was fixed in v6.70. The issue is an improper bounds check that allows crafted packets to perform an arbitrary address write, causing kernel memory corruption. A related issue (CVE-2024-45182) describ...

Wibu-Systems WibuKey 安全漏洞

Wibu-Systems WibuKey is a digital rights management DRM system from Wibu-Systems, Germany. A security vulnerability exists in Wibu-Systems WibuKey versions prior to 6.70, which arises from a boundary check that allows specially crafted packets to result in arbitrary address writes, and thus kerne...

CVE-2024-45181

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption...

CVE-2024-45181

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption...

mm/mglru: fix div-by-zero in vmpressure_calc_level()

...

CVE-2024-42416

The ctlreportsupportedopcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on...

CVE-2024-42416 Multiple issues in ctl(4) CAM Target Layer

The ctlreportsupportedopcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the ctlreportsupportedopcodes function not adequately validating user-space-supplied fields, allowing arbitrary writes to a limited amount of kernel helper memor...

kernel: mm/huge_memory: don't unpoison huge_zero_folio

A vulnerability was found in the Linux kernel's memory management component in the unpoisonmemory function, where it involves improper handling of hugezerofolio when memory failures occur, which can lead to a kernel panic due to an erroneous reference count...

PT-2024-8610 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: bhyve affected versions not specified Description: The issue is related to the ctl report supported opcodes function, which did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel...

SUSE CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

DEBIAN-CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

UBUNTU-CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

CVE-2023-45896

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...

PT-2024-31367 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when physical memory for the kernel image is allocated, and it does not consider the extra memory required for offsetting the image start to match it with the lower 20...