Lucene search
+L

90 matches found

NVD
NVD
added 2024/08/12 1:38 p.m.32 views

CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS0.00622EPSS
Exploits0References4
OSV
OSV
added 2024/08/12 1:38 p.m.4 views

DEBIAN-CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS8AI score0.00622EPSS
Exploits0References1
OSV
OSV
added 2024/08/12 1:38 p.m.4 views

UBUNTU-CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS7.5AI score0.00622EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/08/09 5:8 p.m.56 views

CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS0.00622EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/09 5:8 p.m.60 views

CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS7.4AI score0.00622EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/08/09 5:8 p.m.23 views

CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS8AI score0.00622EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.4 views

kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD The Linux kernel CVE team has assigned CVE-2024-35801 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T...

7.8CVSS6.8AI score0.00233EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/21 2:0 a.m.4 views

SUSE CVE-2024-35801

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD Commit 672365477ae8 "x86/fpu: Update XFD state where required" and commit 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per CPU variable xfdstate to keep the MSRIA32X...

5.5CVSS6.5AI score0.00233EPSS
Exploits0References16
OSV
OSV
added 2024/05/17 2:15 p.m.3 views

UBUNTU-CVE-2024-35801

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD Commit 672365477ae8 "x86/fpu: Update XFD state where required" and commit 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per CPU variable xfdstate to keep the MSRIA32X...

7.8CVSS6.2AI score0.00233EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.6 views

PT-2024-12272

Name of the Vulnerable Software and Affected Versions AMD EPYC Processors affected versions not specified AMD Ryzen Processors affected versions not specified AMD Threadripper Processors affected versions not specified Description The issue is related to improper validation in a model specific...

7.5CVSS6.8AI score0.00622EPSS
Exploits0References104
Positive Technologies
Positive Technologies
added 2024/03/24 12:0 a.m.8 views

PT-2024-6084

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the use of memory after it has been freed in the Linux kernel, specifically in the x86/fpu component. This can lead to a crash of the kernel when the xfd update...

7.8CVSS5.4AI score0.00233EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/03/01 4:8 a.m.5 views

SUSE CVE-2021-46940

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...

5.5CVSS6.6AI score0.00222EPSS
Exploits0References3
OSV
OSV
added 2024/02/28 9:15 a.m.3 views

DEBIAN-CVE-2021-46977

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If the MSR holds a different value per logical CPU, the WRMSR could corrupt the host's value if KVM is...

5.5CVSS5.8AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/09 6:36 p.m.34 views

CVE-2022-23818

Insufficient input validation on the model specific register: VMHSAVEPA may potentially lead to loss of SEV-SNP guest memory integrity...

7.7AI score0.00504EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.4 views

SUSE CVE-2013-1796

The kvmsetmsrcommon function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required timepage alignment during an MSRKVMSYSTEMTIME operation, which allows guest OS users to cause a denial of service buffer overflow and host OS memory corruption or possibly have...

6.8CVSS7.3AI score0.00946EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.3 views

SUSE CVE-2014-3610

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service host OS crash by leveraging guest OS privileges, relate...

5.5CVSS6.4AI score0.00595EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.5 views

SUSE CVE-2016-4440

arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service host OS crash or possibly execute arbitrary code on the host OS, via x2APIC mode...

7.8CVSS7.6AI score0.00365EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.6 views

ASUS Armoury Crate Service 安全漏洞

ASUS Armoury Crate Service is a software utility program from ASUS, China. It is designed to provide centralized control over supported ROG gaming products. An elevation of privilege vulnerability exists in ASUS Armoury Crate Service versions prior to 5.3.4.1, which stems from an unprivileged IOC...

7.8CVSS7AI score0.00161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.90 views

GIGABYTE APP Center < 19.4.22.1 Multiple Vulnerabilities

The version of GIGABYTE APP Center installed on the remote host is prior to 19.4.22.1. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.5...

9.8CVSS7.8AI score0.08523EPSS
Exploits9References7
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.78 views

GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities

The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...

9.8CVSS7.8AI score0.08523EPSS
Exploits9References7
Rows per page
Query Builder