Lucene search
K

103 matches found

RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.9 views

kernel: RDMA/irdma: Cap MSIX used to online CPUs + 1

A bounds checking flaw was found in the Intel RDMA irdma driver in the Linux kernel. The driver may request more MSIX vectors than online CPUs allow, then attempt to set CPU affinity hints with an invalid CPU mask. This triggers kernel warnings and could cause instability...

5.8AI score0.00162EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.10 views

kernel: RDMA/irdma: Cap MSIX used to online CPUs + 1

A bounds checking flaw was found in the Intel RDMA irdma driver in the Linux kernel. The driver may request more MSIX vectors than online CPUs allow, then attempt to set CPU affinity hints with an invalid CPU mask. This triggers kernel warnings and could cause instability...

5.8AI score0.00162EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.50 views

K61547155: QEMU vulnerabilities CVE-2020-10761, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, and CVE-2020-13754

Security Advisory Description CVE-2020-10761 An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remot...

6.7CVSS6.1AI score0.01796EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.2 views

SUSE CVE-2014-1666

The dophysdevop function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the 1 PHYSDEVOPpreparemsix and 2 PHYSDEVOPreleasemsix operations, which allows local PV guests to cause a denial of service host or guest malfunction or possibly gain privileges via...

8.3CVSS6.9AI score0.00876EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.5 views

SUSE CVE-2015-7549

The MSI-X MMIO support in hw/pci/msix.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by leveraging failure to define the .write method...

6CVSS6.3AI score0.00377EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.4 views

SUSE CVE-2020-27821

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting i...

5.7CVSS6.5AI score0.0036EPSS
Exploits0References14
The Hacker News
The Hacker News
added 2022/02/08 3:37 a.m.65 views

Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse

Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. MSIX, based on...

7.1CVSS7.7AI score0.10295EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2021/07/11 12:0 a.m.65 views

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:1942-1 Rating: important References: 1149813 1163019 1175144 1175534 1176681 1178683 1178935 1179477 1179484 1179686 1181103 1182282 1182425 1182968 1182975 1183373 1186290 Cross-References: CVE-2019-15890...

7CVSS7.9AI score0.05447EPSS
Exploits3References17
OSV
OSV
added 2021/05/31 3:39 p.m.11 views

GSD-2021-1000025 dmaengine: idxd: clear MSIX permission entry on shutdown

dmaengine: idxd: clear MSIX permission entry on shutdown This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.13 views

UVI-2021-1000025 dmaengine: idxd: clear MSIX permission entry on shutdown

dmaengine: idxd: clear MSIX permission entry on shutdown This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/05/18 2:6 p.m.2 views

QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting i...

6CVSS6.8AI score0.0036EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.63 views

openSUSE Security Update : qemu (openSUSE-2021-600)

This update for qemu fixes the following issues : - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...

6.5CVSS6.3AI score0.02515EPSS
Exploits3References32
RedHat Linux
RedHat Linux
added 2021/02/22 3:43 p.m.2 views

QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting i...

6CVSS6.8AI score0.0036EPSS
Exploits0References5
CNNVD
CNNVD
added 2020/12/03 12:0 a.m.6 views

QEMU 缓冲区错误漏洞

QEMU is a suite of analog processor software. A buffer overflow vulnerability exists in QEMU msixtablemmiowrite. An attacker could exploit the vulnerability to crash the QEMU process on the host, resulting in a denial of service...

6CVSS6AI score0.0036EPSS
Exploits0References13
NVD
NVD
added 2020/06/02 2:15 p.m.26 views

CVE-2020-13754

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation...

6.7CVSS6.3AI score0.00421EPSS
Exploits0References8
OSV
OSV
added 2020/06/02 2:15 p.m.1 views

DEBIAN-CVE-2020-13754

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation...

6.7CVSS6.8AI score0.00421EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/06/02 1:37 p.m.46 views

CVE-2020-13754

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation...

6.7CVSS6.7AI score0.00421EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/10/11 12:0 a.m.142 views

Unbreakable Enterprise kernel security update

4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hvnetvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...

8.8CVSS7.6AI score0.0173EPSS
Exploits3
OSV
OSV
added 2017/10/30 2:29 p.m.2 views

DEBIAN-CVE-2015-7549

The MSI-X MMIO support in hw/pci/msix.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by leveraging failure to define the .write method...

6CVSS6.3AI score0.00377EPSS
Exploits0References1
OSV
OSV
added 2016/09/21 12:0 a.m.2 views

UBUNTU-CVE-2016-7466

Memory leak in the usbxhciexit function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator, when the xhci uses msix, allows local guest OS administrators to cause a denial of service memory consumption and possibly QEMU process crash by repeatedly unplugging a USB device...

6CVSS6.7AI score0.00421EPSS
Exploits0References5
Rows per page
Query Builder