Lucene search
K

1366 matches found

Amazon
Amazon
added 2024/12/19 12:0 a.m.4 views

Medium: apr

Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...

5.5CVSS6.6AI score0.00332EPSS
Exploits0
Amazon
Amazon
added 2024/12/12 12:0 a.m.4 views

Medium: apr

Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...

5.5CVSS7.5AI score0.00332EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.8 views

kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump

A flaw was found in the Linux kernel in which functions providing information about SMC-D connections caused a NULL pointer dereference. This flaw allows an attacker with permission to read this information to cause a denial of service...

5.5CVSS7.2AI score0.00257EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.1 views

kernel: mm/shmem: disable PMD-sized page cache if needed

A denial of service vulnerability was found in the Linux Kernel. In architectures such as ARM64 where the base page size is 64KB, a 512MB page cache could lead to a software crash...

5.5CVSS6.8AI score0.00211EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.6 views

kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...

5.5CVSS6.7AI score0.00211EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock issue in the mm/shmem module due to the undoing of a previous data contention fix...

4.7CVSS6.3AI score0.00168EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.3 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from sequential allocation and access of entries in the SMEM partition, which may result in memory corruption if not managed properly...

8.4CVSS6.7AI score0.00104EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/11/28 8:0 a.m.3 views

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0 and Mbed Crypto. The PSA Crypto API mishandles shared memory.

...

8.2CVSS6.8AI score0.0084EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.5 views

PT-2025-3662 · Linux · Linux Kernel

The vulnerable software is the Linux kernel. The issue arose from a regression in the kernel's memory management subsystem, specifically in the handling of write-sealed memfd mappings. The problem was introduced by a commit that moved a check for mapping writability before the shmem mmap hook was...

4.9CVSS6.8AI score
Exploits0References19
F5 Networks
F5 Networks
added 2024/11/22 6:43 p.m.31 views

K000148687: qt vulnerabilities CVE-2018-21035, CVE-2015-1290, CVE-2013-0254, and CVE-2023-43114

Security Advisory Description CVE-2018-21035 In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption. CVE-2015-1290 The Google V8...

9.3CVSS7.2AI score0.03296EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/11/22 12:0 a.m.7 views

The vulnerability of the shmem_getattr() function in the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the shmemgetattr function in the mm/shmem.c module of the Linux kernel’s memory management subsystem is related to improper synchronization of access to shared memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7CVSS7.2AI score
Exploits0References22Affected Software4
SUSE CVE
SUSE CVE
added 2024/11/20 3:48 a.m.2 views

SUSE CVE-2024-53071

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthordevicemmapio implementation has two issues: 1. For mapping DRMPANTHORUSERFLUSHIDMMIOOFFSET, panthordevicemmapio bails if VMWRITE is set, but does not clear...

7.8CVSS7.4AI score0.00195EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.4 views

The vulnerability of the Podman software for managing and starting OCI containers, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the Podman software for managing and starting OCI containers is related to an uncontrolled resource consumption in the /dev/shm directory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.7CVSS7.4AI score0.00514EPSS
Exploits0References5Affected Software3
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: net/smc: avoid data corruption caused by decline

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...

7.8CVSS6.6AI score0.00248EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE Lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in...

5.5CVSS6.7AI score0.00275EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/11/09 12:0 a.m.11 views

FreeBSD : x11vnc -- access to shared memory segments (305ceb2c-9df8-11ef-a660-d85ed309193e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 305ceb2c-9df8-11ef-a660-d85ed309193e advisory. [email protected] reports: scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access ...

8.8CVSS7.9AI score0.01723EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/06 9:46 a.m.3 views

mod_jk: information Disclosure / DoS

An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...

5.9CVSS5.8AI score0.00326EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2024/11/04 7:44 p.m.15 views

K000148382: Apache Tomcat Connectors vulnerability CVE-2024-46544

Security Advisory Description Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors:...

5.9CVSS5.2AI score0.00326EPSS
Exploits0
NVD
NVD
added 2024/11/04 10:15 a.m.14 views

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...

6.7CVSS0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/04 10:4 a.m.14 views

CVE-2024-33032 Improper Validation of Array Index in Camera_Linux

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...

6.7CVSS7AI score0.00103EPSS
Exploits0References1
Rows per page
Query Builder