90 matches found
CVE-2023-31315
Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...
DEBIAN-CVE-2023-31315
Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...
UBUNTU-CVE-2023-31315
Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...
CVE-2023-31315
Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...
CVE-2023-31315
Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...
CVE-2023-31315
Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...
kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD The Linux kernel CVE team has assigned CVE-2024-35801 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T...
SUSE CVE-2024-35801
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD Commit 672365477ae8 "x86/fpu: Update XFD state where required" and commit 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per CPU variable xfdstate to keep the MSRIA32X...
UBUNTU-CVE-2024-35801
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD Commit 672365477ae8 "x86/fpu: Update XFD state where required" and commit 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per CPU variable xfdstate to keep the MSRIA32X...
PT-2024-12272
Name of the Vulnerable Software and Affected Versions AMD EPYC Processors affected versions not specified AMD Ryzen Processors affected versions not specified AMD Threadripper Processors affected versions not specified Description The issue is related to improper validation in a model specific...
PT-2024-6084
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the use of memory after it has been freed in the Linux kernel, specifically in the x86/fpu component. This can lead to a crash of the kernel when the xfd update...
SUSE CVE-2021-46940
In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...
DEBIAN-CVE-2021-46977
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If the MSR holds a different value per logical CPU, the WRMSR could corrupt the host's value if KVM is...
CVE-2022-23818
Insufficient input validation on the model specific register: VMHSAVEPA may potentially lead to loss of SEV-SNP guest memory integrity...
SUSE CVE-2013-1796
The kvmsetmsrcommon function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required timepage alignment during an MSRKVMSYSTEMTIME operation, which allows guest OS users to cause a denial of service buffer overflow and host OS memory corruption or possibly have...
SUSE CVE-2014-3610
The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service host OS crash by leveraging guest OS privileges, relate...
SUSE CVE-2016-4440
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service host OS crash or possibly execute arbitrary code on the host OS, via x2APIC mode...
ASUS Armoury Crate Service 安全漏洞
ASUS Armoury Crate Service is a software utility program from ASUS, China. It is designed to provide centralized control over supported ROG gaming products. An elevation of privilege vulnerability exists in ASUS Armoury Crate Service versions prior to 5.3.4.1, which stems from an unprivileged IOC...
GIGABYTE APP Center < 19.4.22.1 Multiple Vulnerabilities
The version of GIGABYTE APP Center installed on the remote host is prior to 19.4.22.1. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.5...
GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities
The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...