Race condition

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

CVE-2023-52608 firmware: arm_scmi: Check mailbox/SMT channel for consistency

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

CVE-2023-52608 firmware: arm_scmi: Check mailbox/SMT channel for consistency

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

PT-2024-27199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In CoCo VMs, it is possible for the untrusted host to cause set memory encrypted or set memory decrypted to fail, resulting in shared memory. Callers need to handle these errors to avoid...

device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to...

PT-2024-10063 · Qualcomm · Qualcomm Security Processor

Name of the Vulnerable Software and Affected Versions: Qualcomm security processor software affected versions not specified Description: The issue is related to memory corruption when allocating and accessing an entry in an SMEM partition continuously. This can lead to reading beyond the valid...

CVE-2024-21639

CEF Chromium Embedded Framework is a simple framework for embedding Chromium-based browsers in other applications. CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory does not check the size of the shared memory, which leads to out-of-bounds read outside the sandbox. This vulnerability was patche...

CVE-2024-21639 OOB Access in CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory

CEF Chromium Embedded Framework is a simple framework for embedding Chromium-based browsers in other applications. CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory does not check the size of the shared memory, which leads to out-of-bounds read outside the sandbox. This vulnerability was patche...

Chromium Embedded Framework (CEF) Buffer Error Vulnerability

Chromium Embedded Framework CEF is a simple framework for Chromium Embedded Framework open source. It is used to embed Chromium-based browsers in other applications. Chromium Embedded Framework CEF suffers from a buffer error vulnerability that stems from CefLayeredWindowUpdaterOSR...

PT-2023-9276 · Qualcomm · Qualcomm Embedded Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform software affected versions not specified Description: The issue is related to a memory corruption problem when allocating and accessing an entry in an SMEM partition. It is also described as a vulnerability in the...

kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace If mpolnew is allocated but not used in restart loop, mpolnew will be freed via mpolput before returning to the caller. But refcnt is not initialized yet, so mpolput could not...

kernel: virt/coco/sev-guest: Double-buffer messages

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...

kernel: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs like KVM don't keep accessing pages which aren't mapped anymore...

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM...

Information disclosure

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM...

CVE-2023-28554 Buffer Over-read in Qualcomm IPC

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM...

CVE-2023-28554 Buffer Over-read in Qualcomm IPC

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM...

CVE-2023-28554

CVE-2023-28554 concerns Qualcomm IPC. Connected sources describe an information-disclosure vulnerability arising when reading values from shared memory inside a VM, attributed to a buffer over-read in the Qualcomm IPC path. The issue impacts confidentiality and is characterized with local access ...

PT-2023-21801 · Qualcomm · Qualcomm Ipc

Name of the Vulnerable Software and Affected Versions: Qualcomm IPC affected versions not specified Description: The issue is related to information disclosure in Qualcomm IPC when reading values from shared memory in a virtual machine. Recommendations: At the moment, there is no information abou...

CVE-2022-27813

Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the...