827 matches found
CVE-2021-28685
AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process and to interact with MSR registers. This cou...
FreeBSD-SA-21:08.vm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-21:08.vm Security Advisory The FreeBSD Project Topic: Memory disclosure by stale virtual memory mapping Category: core Module: vm Announced: 2021-04-06 Credits:...
Qualcomm Graphics Access Control Error Vulnerability
Qualcomm Graphics is a Qualcomm graphics support firmware for use on processors. A security vulnerability exists in Qualcomm Graphics that stems from the use of mmap, where the kgsl driver has a special offset value that can be supplied to map the GPU memstore to user space...
CVE-2020-35608
A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AFPACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses...
CVE-2020-35608
A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AFPACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses...
CVE-2020-29483
CVE-2020-29483 — Xen 4.14.x (Xenstore/Xenstored issue) Affected component: Xenstore/Xenstored communication (guest–host via shared memory page). Root cause: If a guest violates the Xenstore protocol, xenstored drops the connection by removing the guest from its internal database and sending an @r...
PT-2020-6485
Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileg...
PT-2020-6443 · Qualcomm · Qualcomm Snapdragon Wearables +7
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Qualcomm Snapdragon Compute affected versions not specified Qualcomm Snapdragon Connectivity affected versions not specified Qualcomm Snapdragon Consumer IOT affected versions not...
VulnCheck KEV: CVE-2021-1905
Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously...
CVE-2020-15481
An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This cou...
CVE-2020-15481
An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This cou...
Design/Logic Flaw
An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This cou...
CVE-2020-15481
An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This cou...
UBUNTU-CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...
kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service
By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...
kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service
By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
CVE-2020-3613
Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150...
Double free
Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150...
CVE-2020-3613
Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150...