qemu-kvm: 'qemu-img info' leads to host file read/write

A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write ...

OESA-2024-1793 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ecbhfremove static void ecbhfremovestruct pcidev dev ... struct ecbhfpriv priv = netdevprivnetdev;...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

ARM Valhall GPU Security Vulnerability

The ARM Valhall GPU is a specialized graphics core processor from ARM UK. A security vulnerability exists in the ARM Valhall GPU that stems from the fact that a local, unprivileged user can perform improper GPU processing operations to access limited space outside of buffer boundaries. If these...

CVE-2024-38532

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

CLSA-2024-1719569607 Update of linux-firmware

Update AMD CPU microcode to 2024-01-16: - Update AMD CPU microcode for processor family 19h: sig 0x00a00f11, sig 0x00a00f12;...

NXP Data Co-Processor Security Vulnerability

The NXP Data Co-Processor NXP DCP is a built-in hardware module for a SoC from NXP. A dedicated AES encryption engine used to implement encryption/decryption operations. A security vulnerability exists in NXP Data Co-Processor that originates from the selection of a test key by the dcptool...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to execute arbitrary code, increase their privileges, or disclose sensitive information.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to access control errors. Exploiting this vulnerability allows an attacker to execute arbitrary code, enhance their privileges, or disclose sensitive information...

PT-2024-28058 · Nxp · Nxp Data Co-Processor

Name of the Vulnerable Software and Affected Versions: NXP Data Co-Processor DCP affected versions not specified Description: The issue concerns the NXP Data Co-Processor DCP, a built-in hardware module for specific NXP SoCs that implements a dedicated AES cryptographic engine for...

CVE-2024-3017

In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...

CVE-2024-3017

In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...

MAL-2024-6101 Malicious code in tensor-processor-learning (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in tensor-processor-learning (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Linux kernel buffer error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer error vulnerability exists in Linux kernel that stems from space not being reserved for ptregs at the top of idle threads in the secondary startup hart, resulting in...

DEBIAN-CVE-2022-48732

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...

UBUNTU-CVE-2022-48713

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf-single before calling ptbufferregionsize in a place where a missing check can cause a kernel crash. Fixes a bug introduced by commit...

CVE-2022-48755 powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06

In the Linux kernel, the following vulnerability has been resolved: powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06 Johan reported the below crash with testbpf on ppc64 e5500: testbpf: 296 ALUENDFROMLE 64: 0x0123456789abcdef - 0x67452301 jited:1 Oops: Exception in kernel mode,...