SUSE CVE-2024-38614

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions for debugging among others. There is a bug where the trap...

CVE-2024-36281

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. A le...

CVE-2024-36281 net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. A le...

CVE-2024-38614

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions for debugging among others. There is a bug where the trap...

UBUNTU-CVE-2024-38614

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions for debugging among others. There is a bug where the trap...

CVE-2024-38614

CVE-2024-38614 affects the Linux kernel OpenRISC traps handling. The issue: trap handling could send signals to kernel-mode threads (not user processes), which should not occur; it may be treated as an error when it happens. The patch adds explicit checks to terminate/die when these exceptions ar...

CVE-2024-38614 openrisc: traps: Don't send signals to kernel mode threads

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions for debugging among others. There is a bug where the trap...

CVE-2024-38614 openrisc: traps: Don't send signals to kernel mode threads

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions for debugging among others. There is a bug where the trap...

CVE-2022-23829

CVE-2022-23829 describes a potential weakness in AMD SPI protection features that could allow a Ring0 (kernel mode) attacker to bypass native SMM ROM protections. AMD's bulletin (AMD-SB-1041) lists affected products across Ryzen Ryzen 5000/6000/7000 series, Threadripper PRO, and EPYC generations,...

AMD Ryzen Security Breach

AMD Ryzen is a central processing unit CPU from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Ryzen that stems from a potential issue in the SPI protection feature that could allow an attacker with kernel-mode access to bypass the native system management mode ROM protecti...

Microsoft and Adobe Patch Tuesday, June 2024 Security Update Review

Microsofts June Patch Tuesday is here, bringing fixes for vulnerabilities impacting its multiple products. This months release highlights the ongoing battle against cybersecurity threats, from critical updates to important fixes. Lets dive into the crucial insights from Microsofts Patch Tuesday...

CVE-2024-35250

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-30084

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-30084

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-30084 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

...

CVE-2024-30084 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

...

CVE-2024-30084

Technical details (affected product/versions/root cause/impact) for CVE-2024-30084 are not publicly available in the provided documents. Monitor for updates.

CVE-2024-35250 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

...

CVE-2024-35250 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

...

CVE-2024-35250

CVE-2024-35250 is a Windows kernel‑mode driver LPE in ks.sys (Kernel Streaming core) caused by an untrusted pointer dereference. PoCs and exploits exist (e.g., PoCs on GitHub; KS driver) with active demonstrations, and exploitation has been observed in public material. Microsoft addressed the iss...