CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

UBUNTU-CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy-to-use, readable and flexible SSL library. A security vulnerability exists in Mbed TLS versions 2.18.0 through 2.28.8 and prior to 3.6.0, which stems from the incorrect handling of shared memory in the PSA Crypto API...

CVE-2024-28960

CVE-2024-28960 affects Mbed TLS 2.18.0–2.28.x (before 2.28.8) and Mbed TLS 3.x (before 3.6.0), and Mbed Crypto. The PSA Crypto API mishandles shared memory. Reported impact: high confidentiality impact, low integrity impact; exploitation context is not detailed in the provided documents. Public f...

PT-2024-8229 · Podman · Podman

Name of the Vulnerable Software and Affected Versions: Podman affected versions not specified Description: A flaw in Podman may allow an attacker to create a specially crafted container that can exhaust resources in /dev/shm by creating a large number of IPC resources. This can lead to a...

SUSE CVE-2023-52608

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

Race condition

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

CVE-2023-52608 firmware: arm_scmi: Check mailbox/SMT channel for consistency

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

CVE-2023-52608 firmware: arm_scmi: Check mailbox/SMT channel for consistency

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

PT-2024-27199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In CoCo VMs, it is possible for the untrusted host to cause set memory encrypted or set memory decrypted to fail, resulting in shared memory. Callers need to handle these errors to avoid...

device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to...

PT-2024-10063 · Qualcomm · Qualcomm Security Processor

Name of the Vulnerable Software and Affected Versions: Qualcomm security processor software affected versions not specified Description: The issue is related to memory corruption when allocating and accessing an entry in an SMEM partition continuously. This can lead to reading beyond the valid...

CVE-2024-21639

CEF Chromium Embedded Framework is a simple framework for embedding Chromium-based browsers in other applications. CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory does not check the size of the shared memory, which leads to out-of-bounds read outside the sandbox. This vulnerability was patche...

CVE-2024-21639 OOB Access in CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory

CEF Chromium Embedded Framework is a simple framework for embedding Chromium-based browsers in other applications. CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory does not check the size of the shared memory, which leads to out-of-bounds read outside the sandbox. This vulnerability was patche...

Chromium Embedded Framework (CEF) Buffer Error Vulnerability

Chromium Embedded Framework CEF is a simple framework for Chromium Embedded Framework open source. It is used to embed Chromium-based browsers in other applications. Chromium Embedded Framework CEF suffers from a buffer error vulnerability that stems from CefLayeredWindowUpdaterOSR...

PT-2023-9276 · Qualcomm · Qualcomm Embedded Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform software affected versions not specified Description: The issue is related to a memory corruption problem when allocating and accessing an entry in an SMEM partition. It is also described as a vulnerability in the...

kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace If mpolnew is allocated but not used in restart loop, mpolnew will be freed via mpolput before returning to the caller. But refcnt is not initialized yet, so mpolput could not...

kernel: virt/coco/sev-guest: Double-buffer messages

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...

kernel: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs like KVM don't keep accessing pages which aren't mapped anymore...

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM...