39 matches found
PT-2024-34710 · Unknown +1 · Nvme Driver +1
Name of the Vulnerable Software and Affected Versions: NVMe driver affected versions not specified Description: The NVMe driver queue processing is vulnerable to guest-induced infinite loops. Recommendations: At the moment, there is no information about a newer version that contains a fix for thi...
FreeBSD 安全漏洞
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the NVMe driver function nvmeopcgetlogpage being susceptible to buffer over-reading, which allows an attacker to perform a denial-of-service DoS attack against t...
UBUNTU-CVE-2024-47719
In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a conflict between the regionintersects function and the addmemorydrivermanaged function of the resource...
SUSE CVE-2024-26930
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha-vpmap pointer Coverity scan reported potential risk of double free of the pointer ha-vpmap. ha-vpmap was freed in qla2x00memalloc, and again freed in function qla2x00memfreeha. Assign NULL...
The vulnerability of the dlpar_memory_remove_by_index() function in the Linux operating system’s PowerPC PSeries kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dlparmemoryremovebyindex function in the Linux operating system’s PowerPC PSeries kernel memory driver relates to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
CVE-2021-0421
In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381235...
Mediatek 芯片 缓冲区错误漏洞
Mediatek chips are smartphone chipsets from China's MediaTek Mediatek. A security vulnerability exists in Mediatek chips, which stems from a lack of boundary checking in the memory management driver, which could result in a local elevation of privilege that requires system execution privileges. T...
Mediatek 芯片 安全漏洞
Mediatek chips are smartphone chipsets from China's MediaTek Mediatek. A security vulnerability exists in the Mediatek chipset, which is caused by uninitialized data from the memory management driver, which could lead to an information disclosure that could result in a local elevation of privileg...
USN-4286-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...
Man-in-the-Middle (MitM)
The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...
Insufficient Entropy In Key Generation Algorithm
The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...
CVE-2016-10296
An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-10290
An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-10290
CVE-2016-10290 is an elevation-of-privilege issue in the Qualcomm Shared Memory Driver used on Android. The vulnerability could allow a local malicious application to execute arbitrary code in the kernel context by exploiting the shared memory driver. The entry specifies that exploitation is loca...
CVE-2016-10290
An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
Scientific Linux Security Update : ntp on 6.x i686/x86_64 (2015:1459)
The remote Scientific Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2015:1459-1 advisory. - The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field...
CentOS 6 : ntp (CESA-2015:1459)
Updated ntp packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
ntp, ntpdate security update
CentOS Errata and Security Advisory CESA-2015:1459 Updated ntp packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerabili...