PT-2024-10904 · Amd · Asp Kernel

Name of the Vulnerable Software and Affected Versions: ASP kernel affected versions not specified Description: Insufficient access controls in the ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas,...

PT-2024-6385

Name of the Vulnerable Software and Affected Versions Xen affected versions not specified Description The issue is related to flawed error handling in the logic establishing mappings for Reserved Memory Regions RMRR in Intel VT-d or Unity Mapping ranges for AMD-Vi. This flaw can result in mapping...

CVE-2024-23381

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU...

UBUNTU-CVE-2024-41011

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We remap the HDP flush...

CVE-2024-40984

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Undo the modifications made in commit d410ee5109a1 "ACPICA: avoid "Info: mapping multiple BARs. Your kernel is fine."". The initial purpose of this...

CVE-2024-40948

In the Linux kernel, the following vulnerability has been resolved: mm/pagetablecheck: fix crash on ZONEDEVICE Not all pages may apply to pgtable check. One example is ZONEDEVICE pages: they map PFNs directly, and they don't allocate pageext at all even if there's struct page around. One may...

SUSE CVE-2024-40984

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Undo the modifications made in commit d410ee5109a1 "ACPICA: avoid "Info: mapping multiple BARs. Your kernel is fine."". The initial purpose of this...

PT-2024-41486 · Gnu · Linux

Уязвимость функции udmabuf vm fault драйвера udmabuf drivers/dma-buf/udmabuf.c ядра операционных систем Linux связана с нарушением подсчёта количества ссылок на страницы, отображённые в памяти. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на целостность данных или вызват...

DEBIAN-CVE-2024-39497

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE Lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in...

UBUNTU-CVE-2024-40918

In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...

UBUNTU-CVE-2024-40984

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Undo the modifications made in commit d410ee5109a1 "ACPICA: avoid "Info: mapping multiple BARs. Your kernel is fine."". The initial purpose of this...

SUSE CVE-2024-38610

In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrnvmrammap Patch series "mm: followpte improvements and acrn followpte fixes". Patch 1 fixes a bunch of issues I spotted in the acrn driver. It compiles, that's all I know. I'll...

AZL-42844 CVE-2024-39277 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMANONODE correctly cpumaskofnode can be called for NUMANONODE inside domapbenchmark resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

DEBIAN-CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 "kasan, vmalloc: unpoison VMALLOC pages after mapping", non-VMALLOC mappings will be marked as accessible in getvmareanode when KASAN is enabled. But now the...

PT-2024-29139

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to random segmentation faults in package builds on PA-RISC systems with PA8800 and PA8900 processors. These systems have a large L2 cache that requires per-page...

CVE-2021-47544

In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root cause is quite similar...

CVE-2024-36056

Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory via IOCTL 0x9c406490 for IoAllocateMdl, MmBuildMdlForNonPagedPool, and MmMapLockedPages, leading to NT AUTHORITY\SYSTEM privilege escalation...

CVE-2024-36056

The connected PT-2024-26869 entry provides concrete details for Marvin Test HW.exe prior to version 5.0.5.0, where Hw64.sys allows unprivileged user-mode processes to arbitrarily map physical memory via IOCTL 0x9c406490 (involving IoAllocateMdl, MmBuildMdlForNonPagedPool, and MmMapLockedPages). T...

CVE-2024-36055

Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory with read/write access via the MmMapIoSpace API IOCTL 0x9c40a4f8, 0x9c40a4e8, 0x9c40a4c0, 0x9c40a4c4, 0x9c40a4ec, and seven others, leading to a denial of service BSOD...

MarvinTest Solutions HW.exe 安全漏洞

MarvinTest Solutions HW.exe is a driver file from MarvinTest Solutions, USA. A security vulnerability exists in MarvinTest Solutions HW.exe versions prior to 5.0.5.0 that originates from a denial of service by allowing arbitrary mapping of physical memory with read/write access...