Lucene search
K

96 matches found

RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.7 views

kernel: gpio: prevent potential speculation leaks in gpio_device_get_desc()

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.5AI score0.00248EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.5CVSS7AI score0.00281EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/03/28 3:38 a.m.2 views

SUSE CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

5.5CVSS7.7AI score0.00199EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.8 views

Vulnerabilities of x86 components and kernel bugs in the Linux operating system, which allow attackers to cause service failures

The vulnerability of x86 components and kernel bugs in the Linux operating system is related to errors in resource management in the file arch/x86/include/asm/nospec-branch.h. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00231EPSS
Exploits0References13Affected Software6
SUSE CVE
SUSE CVE
added 2025/02/27 3:11 a.m.3 views

SUSE CVE-2022-49122

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS7.3AI score0.00295EPSS
Exploits0References10
OSV
OSV
added 2025/02/27 2:15 a.m.2 views

UBUNTU-CVE-2024-58000

In the Linux kernel, the following vulnerability has been resolved: iouring: prevent reg-wait speculations With ENTEREXTARGREG instead of passing a user pointer with arguments for the waiting loop the user can specify an offset into a pre-mapped region of memory, in which case the offset, offset ...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References5
OSV
OSV
added 2025/02/27 2:7 a.m.7 views

CVE-2024-58000 io_uring: prevent reg-wait speculations

In the Linux kernel, the following vulnerability has been resolved: iouring: prevent reg-wait speculations With ENTEREXTARGREG instead of passing a user pointer with arguments for the waiting loop the user can specify an offset into a pre-mapped region of memory, in which case the offset, offset ...

5.5CVSS6.3AI score0.00177EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.6 views

PT-2025-8787 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the io uring component. The issue allowed for reg-wait speculations, which could be exploited by passing a user...

6.4AI score0.00177EPSS
Exploits0References9
OSV
OSV
added 2025/02/26 7:0 a.m.6 views

UBUNTU-CVE-2022-49122

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS6.2AI score0.00295EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2025/02/14 7:7 a.m.9 views

SUSE CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond commit...

4.7CVSS6.5AI score0.00635EPSS
Exploits0References26
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: The issue of protecting the fetch of -fdfd in dodup2 from mispredictions has been addressed. Both callers have ensured that fd is not greater than -maxfds; however, a misprediction might lead to the speculative execution of tofre...

5.5CVSS6.4AI score0.00281EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-37968

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where guest-controlled indices, min and dest id, could potentially lead to speculative execution side-channels. The array index nospec function is used...

7.8CVSS6.6AI score0.00165EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.6 views

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vtioctl subsystem, where the vtsetactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

5.5CVSS7.2AI score0.00306EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vtioctl subsystem, where the vtsetactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

5.5CVSS7.2AI score0.00306EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/09/24 12:0 a.m.7 views

The vulnerability of the array_index_nospec function in the DMA-BUF driver of the Linux operating system allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the arrayindexnospec function in the Linux kernel’s DMA-buf driver is related to a memory leak. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

5.2CVSS6.3AI score0.00257EPSS
Exploits0References16Affected Software4
NVD
NVD
added 2024/09/18 8:15 a.m.26 views

CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

7.1CVSS0.00241EPSS
Exploits0References7
OSV
OSV
added 2024/09/18 8:15 a.m.3 views

DEBIAN-CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

7.1CVSS6.1AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.4 views

UBUNTU-CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

7.1CVSS6.5AI score0.00241EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2024/08/28 2:25 a.m.8 views

SUSE CVE-2024-44931

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.3AI score0.00248EPSS
Exploits0References16
OSV
OSV
added 2024/08/26 11:15 a.m.2 views

DEBIAN-CVE-2024-44931

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS5.8AI score0.00248EPSS
Exploits0References1
Rows per page
Query Builder