Lucene search
K

73 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

0.00177EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.10 views

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

6.8CVSS5.5AI score0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 6:6 a.m.11 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/20 4:10 a.m.10 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/15 2:51 a.m.9 views

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

6.8CVSS5.8AI score0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/06 5:34 p.m.10 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/06 8:46 a.m.5 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/06 8:21 a.m.7 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 5:31 a.m.9 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of stack-local variables as source data during KVM x86 MMIO writes. When writing data tha...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.5 views

PT-2026-34940

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 component. This occurs when the emulator initiates a write using an on-stack local variable as the source, the write splits a page boundary,...

9.8CVSS5.8AI score0.00311EPSS
Exploits0References330
OSV
OSV
added 2026/04/01 9:16 a.m.4 views

UBUNTU-CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

8.1CVSS5.7AI score0.00184EPSS
Exploits0References4
CVE
CVE
added 2026/04/01 8:36 a.m.144 views

CVE-2026-23401

CVE-2026-23401: In the Linux kernel KVM x86/mmu, a race allowed installing an MMIO SPTE without first zapping an existing shadow-present SPTE when guest memory writes occurred outside KVM’s scope. This could enable a guest‑memory–related fault to leave a shadow SPTE intact when an MMIO SPTE is in...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References23Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/19 12:26 a.m.3 views

SUSE CVE-2026-23213

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...

4.4CVSS5.7AI score0.00113EPSS
Exploits0References19
OSV
OSV
added 2026/02/18 2:21 p.m.7 views

CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...

5.5CVSS5.3AI score0.00113EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002158 advisory. Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service guest OS crash via a crafted application th...

4.9CVSS6.5AI score0.00374EPSS
Exploits0References20
CVE
CVE
added 2026/01/05 9:32 a.m.19 views

CVE-2025-68760

The CVE-2025-68760 entry concerns a Linux kernel vulnerability in the AMD IOMMU where iommu_mmio_write() validates the user offset against mmio_phys_end - 4 (assuming 4-byte access), but iommu_mmio_show() performs an 8-byte read (readq). If the offset equals mmio_phys_end - 4, this allows a 4-byt...

6.1AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.8 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to destroy the target device when the KVM merge MMIO device logout fails, potentially leading to...

6.1AI score0.00161EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.6 views

PT-2025-52981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to KVM Kernel-based Virtual Machine coalesced MMIO Memory Mapped I/O unregistration. Specifically, the target device is not properly destroyed an...

7.8CVSS6.4AI score0.00465EPSS
Exploits2References897
Packet Storm News
Packet Storm News
added 2025/12/17 12:0 a.m.7 views

CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities

Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...

6.8AI score
Exploits0
Rows per page
Query Builder