865 matches found
SUSE CVE-2024-27028
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spitransfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a check to trans-txbuf...
kernel: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
A counting logic flaw exists in the Linux kernel. When cigetdomainbusandslot is called, it returns a pci device with refcount incremented. When finishing it, the caller must decrement the reference count by calling pcidevput, leading to the loss of confidentiality of the system...
PT-2024-5604 · Dell · Dell Peripheral Manager
Name of the Vulnerable Software and Affected Versions: Dell Peripheral Manager versions prior to 1.7.6 Description: The issue is related to an uncontrolled search path element in the software. This could allow an attacker to potentially exploit the vulnerability through preloading malicious DLL o...
PT-2024-3511 · Amd · Amdpspp2Cmboxv2
Name of the Vulnerable Software and Affected Versions: AmdPspP2CmboxV2 affected versions not specified Description: The issue is related to an exposed SMI handler in AmdPspP2CmboxV2, which can be leveraged to bypass protections put in place by previous UEFI phases, allowing direct access to the S...
SUSE CVE-2021-47195
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...
SUSE CVE-2024-26738
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pcicontroller When a PCI device is dynamically added, the kernel oopses with a NULL pointer dereference: BUG: Kernel NULL pointer dereference on read at 0x00000030...
SUSE CVE-2024-27437
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in requestirq and subsequently disabled as necessary to...
CVE-2021-47195
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...
UBUNTU-CVE-2021-47147
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix a resource leak in an error handling path If an error occurs after a successful 'pciioremapbar' call, it must be undone by a corresponding 'pciiounmap' call, as already done in the remove function...
ALPINE-CVE-2023-46839
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context...
UBUNTU-CVE-2023-46839
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context...
Xen Security Vulnerabilities
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen...
PT-2024-3418
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential use-after-free in the fsl lpspi probe function in the Linux kernel's SPI driver. This function allocates and disposes of memory manually using spi...
The vulnerability of the VFIO PCI kernel driver of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the VFIO PCI kernel driver for the Linux operating system is related to errors in the calculation of pointers in the functions hisiaccvfresumewrite and hisiaccvfsaveread in the drivers/vfio/pci/hisilicon/hisiaccvfiopci.c module. Exploiting this vulnerability can allow a remot...
CVE-2024-22452
CVE-2024-22452 affects Dell Display and Peripheral Manager for macOS prior to version 1.3. The issue is an improper access control flaw that could let a low-privilege user modify files in the installation folder to execute arbitrary code and escalate privileges. Reports from Red Hat, NVD, and PT-...
Dell Display Manager and Dell Peripheral Manager Permission License and Access Control Issues Vulnerability
Dell Peripheral Manager and Dell Display Manager are both products of Dell, Inc.Dell Peripheral Manager is a software application that provides on-screen instructions on how to pair other devices with your computer via Bluetooth. Dell Peripheral Manager is a software application that provides...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...
UBUNTU-CVE-2023-52511
In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...
CVE-2023-52511 spi: sun6i: reduce DMA RX transfer width to single byte
In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...
CVE-2023-52511 spi: sun6i: reduce DMA RX transfer width to single byte
In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...