CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

CVE-2020-8834 Linux kernel KVM Power8 conflicting use of HSTATE_HOST_R1

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

CVE-2018-17848

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in insertionModeStack.pop in node.go, called from inHeadIM, during an html.Parse call...

CVE-2018-14617

An issue was discovered in the Linux kernel. A NULL pointer dereference and panic in hfspluslookup in the fs/hfsplus/dir.c function can occur when opening a file that is purportedly a hard link in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata...

CVE-2017-16648

The dvb frontend management subsystem in the Linux kernel contains a use-after-free which can allow a malicious user to write to memory that may be assigned to another kernel structure. This could create memory corruption, panic, or possibly other side affects...

CVE-2017-18674

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

CVE-2017-18674

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

Code injection

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

CVE-2017-18674

An issue was discovered on Samsung mobile devices with N7.0 software. The time service aka Timaservice allows a kernel panic. The Samsung ID is SVE-2017-8593 May 2017...

CVE-2017-18674

CVE-2017-18674 affects Samsung mobile devices running Android N (7.0); the Timaservice time service is susceptible to a kernel panic. The issue is associated with Samsung ID SVE-2017-8593, May 2017. CVSS indicates network attack vector with low privileges required and high availability impact. Th...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

UBUNTU-CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to pani...

PT-2020-2414 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.18 Description: The issue is caused by a conflicting use of HSTATE HOST R1 to store r1 state in kvmppc hv entry plus in kvmppc save,restore tm, leading to a stack corruption. An attacker with the ability to ru...

CVE-2017-15128

A flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs. A missing size check in hugetlbmcopyatomicpte could create an invalid inode variable, leading to a kernel panic...

CVE-2018-11987

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic...

CVE-2019-15118

A flaw was found in the sound mixer handling of the Linux kernel. An attacker with physical access able to insert a specially crafted USB device can cause a recursive loop which continues to consume the reserved stack space leading to a system panic. The highest threat from this vulnerability is ...

CVE-2019-12380

A flaw was found in the Linux kernel's implementation of UEFI. An attacker who can influence early-boot memory initialization could possibly influence firmware initialization and memory allocations, resulting in a panic of a guest or target system during early boot of that same system...

CVE-2018-8043

The Linux kernel was found vulnerable to a NULL pointer dereference in the drivers/net/phy/mdio-bcm-unimac.c:unimacmdioprobe function caused by an unchecked return value from the platformgetresource function. A successful flaw exploitation can cause a system panic and a denial of service. This fl...