EUVD-2023-41368

Malicious code in bioql PyPI...

CVE-2023-37479

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

Design/Logic Flaw

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

Open Enclave SDK 安全漏洞

Open Enclave SDK is a hardware-independent open source library from Open Enclave Open Source. It is used to develop applications that utilize the hardware-based Trusted Execution Environment also known as Enclave. A security vulnerability exists in versions of Open Enclave SDK prior to 0.19.3,...

PT-2023-25989 · Unknown · Open Enclave

Name of the Vulnerable Software and Affected Versions: Open Enclave versions prior to 0.19.3 Description: The issue concerns two problems in the Open Enclave SDK. First, it does not properly sanitize the MXCSR register on enclave entry, making applications vulnerable to MXCSR Configuration...

Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)

The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips announced via advisory DSA 332-1. OpenVAS Vulnerability Test $Id: deb3321.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 332-1 Authors: Thomas Reinke Copyright: Copyrigh...

DSA-442 linux-kernel-2.4.17-s390 - several vulnerabilities

Bulletin has no description...

Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation

As I mentioned in my previous post to the list, I've been looking into x87 FPU stuff lately. While I was tinkering I ran into the MXCSR register, which reminded me of an old RedHat advisory with a vague description of a kernel vuln relating to the register. I don't recall anyone ever discussing...

CVE-2003-0248

CVE-2003-0248 affects the Linux kernel 2.4 series; the issue is in the mxcsr code, allowing an attacker to modify CPU state registers via a malformed address. Per available data, the impact is rated as complete confidentiality, integrity, and availability (base CVSS v2 score 10.0). The provided d...