Lucene search
K

96 matches found

OSV
OSV
added 2024/08/26 11:15 a.m.5 views

AZL-48635 CVE-2024-44931 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.7AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 11:15 a.m.1 views

UBUNTU-CVE-2024-44931

In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References35
SUSE CVE
SUSE CVE
added 2024/08/18 2:2 a.m.10 views

SUSE CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.3CVSS6.5AI score0.00281EPSS
Exploits0References24
OSV
OSV
added 2024/08/17 9:15 a.m.2 views

DEBIAN-CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.5CVSS6AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2024/08/17 9:15 a.m.2 views

UBUNTU-CVE-2024-42265

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

5.5CVSS6.3AI score0.00281EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2024/07/17 4:19 a.m.6 views

SUSE CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

4.7CVSS6.5AI score0.00306EPSS
Exploits0References12
OSV
OSV
added 2024/07/16 12:15 p.m.1 views

DEBIAN-CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

5.5CVSS5.7AI score0.00306EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/07/16 12:15 p.m.5 views

CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console...

5.5CVSS6.3AI score0.00306EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/28 12:0 a.m.8 views

PT-2024-32189

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the prevention of Spectre v1 gadget construction in the sys rtas function. The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as...

7.5CVSS5.8AI score0.00241EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/06/22 4:9 a.m.2 views

SUSE CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS7.5AI score0.00257EPSS
Exploits0References12
OSV
OSV
added 2024/06/20 12:15 p.m.2 views

DEBIAN-CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS5.6AI score0.00257EPSS
Exploits0References1
OSV
OSV
added 2024/06/20 12:15 p.m.4 views

UBUNTU-CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

5.5CVSS6.3AI score0.00257EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2024/05/23 4:27 p.m.22 views

CVE-2023-52746

In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla; if type XFRMAMAX return -EOPNOTSUPP; @type is then used as an array index and can be used as a Spectre v1 gadget. if nlalennla...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References4
OSV
OSV
added 2024/05/21 4:15 p.m.5 views

UBUNTU-CVE-2023-52746

In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla; if type XFRMAMAX return -EOPNOTSUPP; @type is then used as an array index and can be used as a Spectre v1 gadget. if nlalennla...

2.5CVSS5.9AI score0.00243EPSS
Exploits0References7
OSV
OSV
added 2023/04/20 12:0 a.m.2 views

UBUNTU-CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...

6.5CVSS6.7AI score0.00635EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2018/04/06 12:0 a.m.19 views

PT-2023-2689 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 Description: The issue is related to the copy from user function in the Linux kernel, which does not implement the uaccess begin nospec feature. This allows a...

10CVSS7.3AI score0.9166EPSS
Exploits347References1825
Rows per page
Query Builder