CVE-2025-29936

Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...

CVE-2025-29936

CVE-2025-29936 involves the AMD Platform Management Framework (PMF) Driver. Description: improper input validation could allow a local attacker to un-map arbitrary memory pages, potentially impacting integrity and availability, or facilitate privilege escalation with loss of confidentiality. The ...

CVE-2025-29936

Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...

AMD多款产品 输入验证错误漏洞

The AMD Ryzen is a central processing unit CPU developed by American semiconductor company AMD. Several AMD products have a vulnerability related to input validation. This vulnerability arises due to improper input validation, which may allow attackers to unmapped any memory page, thereby affecti...

CVE-2026-43389

A flaw was found in the memfdluo subsystem of the Linux kernel. When using memfd preservation with Live Update Operations LUO, the kernel may incorrectly mark a memory page folio as clean even if it contains user data. This can lead to data loss, as the kernel might reclaim these 'dirty' folios...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...

CVE-2026-22167

CVE-2026-22167 concerns a GPU DDK vulnerability where cache-resident PM buffers can be written by other GPU requestors. The issue allows software running as a non-privileged user to issue improper GPU system calls, forcing the GPU to write to arbitrary physical memory pages. Under certain conditi...

EUVD-2026-26664

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

PT-2026-34954

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA ctxfi component where the ct vm map function always uses Page Table Entries PTEs in vm-ptp0.area regardless of the CT PTP NUM value. On AMD64 systems, a singl...

Contrast BadAML injection allows arbitrary code execution

BadAML BadAML is an AML injection attack that exploits the ACPI interface and allows arbitrary code execution in a confidential VM. The attack was first published in 2024: - - Impact An attacker with control over the host which is assumed in the attacker model of Contrast can execute malicious AM...

ROS-20260220-73-0017

A vulnerability in the calipsoreqsetattr and calipsoreqdelattr functions of the calipso component of the Linux kernel is related to a violation of the counting of the number of references to pages mapped in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of...

CVE-2018-10172

7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989838)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989838 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size mdsize will have been narrowed ...

EUVD-2011-1745

Malware in sbrugna...

EUVD-2018-2250

Malware in sbrugna...

EUVD-2022-7220

Malicious code in bioql PyPI...

EUVD-2025-28254

Malicious code in bioql PyPI...

CVE-2025-27466

A NULL pointer dereference vulnerability exists in Xen’s viridian implementation when updating the reference TSC area. A malicious x86 HVM guest with the referencetsc viridian extension enabled could trigger this flaw, resulting in a host denial of service crash. Mitigation Disabling the...

UBUNTU-CVE-2025-58143

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

CVE-2025-27466 Mutiple vulnerabilities in the Viridian interface

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...