Lucene search
K

125 matches found

Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.6 views

PT-2024-11866 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: The issue is related to the Linux kernel's NVMe component, specifically with the nvme mpath revalidate paths function in drivers/nvme/host/multipath.c and the nvme ns remove functi...

9.1CVSS6.6AI score0.03681EPSS
Exploits10References1696
Microsoft CVE
Microsoft CVE
added 2024/10/12 7:0 a.m.1 views

scsi: qla2xxx: validate nvme_local_port correctly

...

5.5CVSS6.6AI score0.00236EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/10/04 12:0 a.m.5 views

The vulnerability of the nvme_tcp_error_recovery_work() function in the Linux operating system’s NVMe driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nvmetcperrorrecoverywork function in the drivers/nvme/host/tcp.c file of the Linux NVMe kernel driver is related to the reutilization of previously released memory due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker ...

7.8CVSS6.8AI score0.00246EPSS
Exploits0References16Affected Software3
RedHat Linux
RedHat Linux
added 2024/09/11 1:10 a.m.11 views

kernel: nvme: avoid double free special payload

In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQFSPECIALLOAD when the request is cleaned...

7.8CVSS6.4AI score0.00248EPSS
Exploits0References5
OSV
OSV
added 2024/08/12 8:31 p.m.14 views

CLSA-2024-1723494706 Fix of 19 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...

7.8CVSS6.8AI score0.00284EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/08/10 7:0 a.m.2 views

nvme-rdma: fix possible use-after-free in transport error_recovery work

...

7.8CVSS6.8AI score0.00324EPSS
Exploits0
OSV
OSV
added 2024/07/29 3:15 p.m.1 views

UBUNTU-CVE-2024-41073

In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQFSPECIALLOAD when the request is cleaned...

7.8CVSS6.2AI score0.00248EPSS
Exploits0References31
Microsoft CVE
Microsoft CVE
added 2024/07/12 7:0 a.m.5 views

Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get

...

4.3CVSS6.2AI score0.01657EPSS
Exploits0
OSV
OSV
added 2024/06/26 1:1 p.m.8 views

USN-6819-4 linux-oracle-6.5 vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

7.8CVSS6.5AI score0.78388EPSS
Exploits2References150
RedHat Linux
RedHat Linux
added 2024/06/11 5:33 p.m.5 views

kernel: NULL pointer dereference in nvmet_tcp_build_iovec

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01448EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/06/11 5:33 p.m.6 views

kernel: NULL pointer dereference in __nvmet_req_complete

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01537EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.3 views

kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get

An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer...

4.3CVSS7AI score0.01657EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.10 views

kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get

An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer...

4.3CVSS7AI score0.01657EPSS
Exploits0References4
OSV
OSV
added 2024/04/17 10:15 a.m.1 views

DEBIAN-CVE-2024-26846

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

4.4CVSS5.2AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/03/19 3:27 p.m.12 views

USN-6686-3 linux-oracle, linux-oracle-5.15 vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

7.8CVSS6.9AI score0.01657EPSS
Exploits0References10
Akamai Blog
Akamai Blog
added 2024/03/11 1:0 p.m.4 views

Enhancing Object Storage Performance: Introducing NVMe Hardware and Expanded Capacity

...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/02/20 12:35 p.m.1 views

kernel: NULL pointer dereference in __nvmet_req_complete

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01537EPSS
Exploits0References4
OSV
OSV
added 2024/02/07 9:15 p.m.5 views

DEBIAN-CVE-2023-6356

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

7.5CVSS6.3AI score0.01448EPSS
Exploits0References1
OSV
OSV
added 2024/02/07 9:15 p.m.1 views

DEBIAN-CVE-2023-6536

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...

7.5CVSS6.3AI score0.01537EPSS
Exploits0References1
OSV
OSV
added 2024/02/07 9:15 p.m.4 views

UBUNTU-CVE-2023-6356

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01448EPSS
Exploits0References11
Rows per page
Query Builder