SUSE CVE-2020-14375

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...

SUSE CVE-2020-29074

scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user...

SUSE CVE-2021-3669

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS...

SUSE CVE-2021-21703

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the...

SUSE CVE-2021-26400

AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage...

SUSE CVE-2021-44733

A use-after-free exists in drivers/tee/teeshm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in teeshmgetfromid during an attempt to free a shared memory object...

PT-2023-33228 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.83 Description: The issue is related to the invocation of MMU notifiers in shmem/file collapse paths in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations...

PT-2022-14790 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the page number of shared mem.c, which could lead to code execution in the secure world. This may result in local escalation of privilege without requiring...

PT-2022-35571 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue concerns the drm/virtio component, specifically the handling of transferred 2D BO Buffer Object that is shmem. The actual impact and potential for attack have not been fully...

PT-2022-35393 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue concerns the drm/virtio component, specifically the handling of transferred 2D BO Buffer Object that is shmem. The actual impact and potential for attack have not been proven yet...

OESA-2022-2042 multipath-tools security update

This package provides the multipath tool and the multipathd daemon to manage dm-multipath devices. multipath can detect and set up multipath maps. multipathd sets up multipath maps automatically,monitors path devices for failure, removal, or addition, and applies the necessary changes to the...

DEBIAN-CVE-2022-42327

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

Xen 安全漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen x8...

DEBIAN-CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

AZL-11371 CVE-2022-41973 affecting package device-mapper-multipath for versions less than 0.8.6-4

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

UBUNTU-CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

Red Hat device-mapper-multipath 后置链接漏洞

Red Hat device-mapper-multipath is a device mapper multipath from Red Hat, Inc. It allows you to configure multiple I/O paths between server nodes and storage arrays into a single device. A security vulnerability exists in Red Hat device-mapper-multipath that stems from multipathd running...

Linux Kernel Resource Management Error Vulnerability (CNVD-2022-69189)

The Linux Kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux Kernel suffers from a security vulnerability that stems from a measure of shared memory usage that does not scale with the number of shared memory segments. An attack...

Security Bulletin: IBM Sterling Certificate Wizard Shared Memory Permission Vulnerability (CVE-2013-1500)

Abstract The IBM Sterling Certificate Wizard is susceptible to a shared memory permission vulnerability. Content VULNERABILITY DETAILS: CVEID:CVE-2013-1500 DESCRIPTION: The GUI implementation may create a shared memory segment with world read/write permissions. If such a memory segment is created...