CVE-2020-6183

SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. size of any directory, system hardware and OS details,...

CVE-2020-0009

In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...

CVE-2020-15581

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...

CVE-2018-21052

An issue was discovered on Samsung mobile devices with N7.x and O8.X Exynos chipsets software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 October 2018...

CVE-2019-2279

Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...

CVE-2019-13995

u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...

CVE-2015-8843

The Foxit Cloud Update Service FoxitCloudUpdateService in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption...

CVE-2002-2038

Next Generation POSIX Threading NGPT 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods...

UBUNTU-CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

CVE-2025-37920

CVE-2025-37920 affects the Linux kernel in the AF_XDP path. The issue is a race condition in the generic RX path when multiple sockets share the same xsk_buff_pool (shared umem), with RX queues being socket-exclusive and FILL queues sharable. The fix moves the rx_lock from xsk_socket to the share...

CVE-2024-47893 GPU DDK - OOB read and write of the shared KMD/FW memory heap (VZ/TEE setups)

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory...

kernel: soc: qcom: socinfo: Avoid out of bounds read of serial number

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...

kernel: mm: revert "mm: shmem: fix data-race in shmem_getattr()"

In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmemgetattr" Revert d949d1d14fa2 "mm: shmem: fix data-race in shmemgetattr" as suggested by Chuck 1. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just t...

kernel: mm: shmem: fix data-race in shmem_getattr()

No description is available for this CVE...

CVE-2025-23159

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

DEBIAN-CVE-2025-23159

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

UBUNTU-CVE-2025-23159

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

CVE-2025-23159 media: venus: hfi: add a check to handle OOB in sfr region

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

CVE-2025-0467

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from kernel software in Guest VM that may utilize shared memory to write GPU firmware data...