21 matches found
CVE-2024-36332
Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...
Linux Distros Unpatched Vulnerability : CVE-2023-46813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the V...
SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:1097-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1097-1 advisory. This update for the Linux Kernel 5.14.21-15050011 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:1039-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1039-1 advisory. This update for the Linux Kernel 5.14.21-15050053 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a...
SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP5) (SUSE-SU-2024:1023-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1023-1 advisory. This update for the Linux Kernel 5.14.21-1505005512 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a...
SUSE SLES15 Security Update : kernel RT (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:0986-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0986-1 advisory. This update for the Linux Kernel 5.14.21-1505001318 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a...
kernel: SEV-ES local priv escalation
A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their...
RHEL 8 : kernel-rt (RHSA-2024:0881)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0881 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
USN-6626-3: Linux kernel (Azure) vulnerabilities
Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...
kernel: SEV-ES local priv escalation
A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their...
RHEL 9 : kernel-rt (RHSA-2024:0431)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0431 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
USN-6533-1: Linux kernel (OEM) vulnerabilities
Tom Dohrmann discovered that the Secure Encrypted Virtualization SEV implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service system crash or possibly...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-430)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-430 advisory. An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulati...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4414-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4414-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe,...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4375-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4375-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being...
CVE-2023-46813
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...
Race condition
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...
CVE-2023-46813
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...
CVE-2023-46813
CVE-2023-46813 affects the Linux kernel before 6.5.9. The issue arises from incorrect access checking in the #VC handler and SEV-ES MMIO instruction emulation, allowing a race where an attacker with userspace MMIO access can replace an instruction before the #VC handler reads it. This can lead to...
CVE-2019-0154
A flaw was found in Intel graphics hardware GPU where a local attacker with the ability to issue an ioctl could trigger a hardware level crash if MMIO registers were read while the graphics card was in a low-power state. This creates a denial of service situation and the GPU and connected display...