Lucene search
K

53 matches found

OSV
OSV
added 2025/01/11 3:15 p.m.10 views

AZL-68570 CVE-2024-57875 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: block: RCU protect disk-convzonesbitmap Ensure that a disk revalidation changing the conventional zones bitmap of a disk does not cause invalid memory references when using the diskzoneisconv helper by RCU protecting the...

5.5CVSS5.8AI score0.00179EPSS
Exploits0References1
OSV
OSV
added 2024/12/30 4:52 p.m.4 views

GHSA-GV7F-5QQH-VXFX xous has unsound usages of `core::slice::from_raw_parts`

We consider asslice and asslicemut unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated fromparts. We consider that fromparts should be removed in latest version because it will help trigger...

7.2AI score
Exploits0References4
OSV
OSV
added 2024/12/28 10:15 a.m.7 views

AZL-55153 CVE-2024-56689 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' If platformgetresourcebyname fails and returns NULL because DT lacks an 'mmio' property for the MHI endpoint, dereferencing res-start will cause a NULL pointer...

5.5CVSS6.3AI score0.00201EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2024/12/23 7:26 p.m.8 views

Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device`

An issue was identified in the VmFd::createdevice function, leading to undefined behavior and miscompilations on rustc 1.82.0 and newer due to the function's violation of Rust's pointer safety rules. The function downcasted a mutable reference to its struct kvmcreatedevice argument to an immutabl...

7.3AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/23 12:0 a.m.3 views

PT-2024-40054 · Unknown · Kvm-Ioctls

Name of the Vulnerable Software and Affected Versions: kvm-ioctls versions 0.1.0 through 0.19.0 Description: An issue in the VmFd::create device function leads to undefined behavior and miscompilations due to a violation of Rust's pointer safety rules. The function incorrectly downcasts a mutable...

7.4AI score
Exploits0References4
OSV
OSV
added 2024/12/05 12:0 p.m.5 views

RUSTSEC-2024-0428 Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device`

An issue was identified in the VmFd::createdevice function, leading to undefined behavior and miscompilations on rustc 1.82.0 and newer due to the function's violation of Rust's pointer safety rules. The function downcasted a mutable reference to its struct kvmcreatedevice argument to an immutabl...

7.3AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.2 views

kernel: thermal/debugfs: Fix two locking issues with thermal zone debug

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs code, user space can open the "mitigations" file for a thermal zone before the zone's debugfs pointe...

5.5CVSS6.7AI score0.00143EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drm/amd/pm module not ensuring that fwinfo is not NULL before using it...

5.5CVSS6.7AI score0.00249EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.5 views

PT-2024-41432 · Crates.Io · Wasmtime-Jit-Debug

The unsound function dump code load record uses from raw parts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dump code load record is actually 'unsafe' since it requires the caller to guarantee tha...

7.3AI score
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/05/23 3:5 a.m.2 views

SUSE CVE-2021-47289

In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 "ACPI: utils: Fix reference counting in foreachacpidevmatch" started doing "acpidevput" on a pointer that was possibly NULL. That fails miserably, because that helper inline...

5.5CVSS6.5AI score0.00235EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/01/30 1:28 p.m.3 views

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

7.8CVSS6.2AI score0.00155EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.2 views

kernel: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject's routine to NULL check pdata. Currently, an early return error is thrown from lpfcreadobject to protect...

5.5CVSS6.4AI score0.00166EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: BPF: Fix potential bad pointer dereference in bpf_sys_bpf()

In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case the argument union bpfattr pointer as well as the insn...

5.5CVSS6.3AI score0.00195EPSS
Exploits0References5
Rows per page
Query Builder