CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2024/09/03 3:42 p.m.•5 views

hw: amd: SMM Lock Bypass

A flaw was found in hw. Improper validation in a model-specific register MSR could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution...

7.5CVSS7.6AI score0.00622EPSS

Exploits0References5

Tenable Nessus•added 2024/09/03 12:0 a.m.•18 views

SUSE SLED15: kernel-firmware / kernel-firmware-all / kernel-firmware-amdgpu / etc (SUSE-SU-2024:3081-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3081-1 advisory. - CVE-2023-31315: Fixed validation in a model specific register MSR that lead to modification of SMM...

7.5CVSS7.4AI score0.00622EPSS

OSV•added 2024/09/02 2:44 p.m.•13 views

SUSE-SU-2024:3081-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - CVE-2023-31315: Fixed validation in a model specific register MSR that lead to modification of SMM configuration by malicious program with ring0 access bsc1229069...

RedHat Linux•added 2024/08/27 7:40 a.m.•2 views

hw: amd: SMM Lock Bypass

7.5CVSS7.3AI score0.00622EPSS

Exploits0References5

Tenable Nessus•added 2024/08/21 12:0 a.m.•39 views

Amazon Linux 2 : linux-firmware (ALAS-2024-2626)

The version of linux-firmware installed on the remote host is prior to 20200421-82.git78c0348. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2626 advisory. Improper validation in a model specific register MSR could allow a malicious program with ring0 access to...

7.5CVSS8AI score0.00622EPSS

Tenable Nessus•added 2024/08/21 12:0 a.m.•21 views

SUSE SLES15: kernel-firmware-all / kernel-firmware-amdgpu / etc (SUSE-SU-2024:2980-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2980-1 advisory. CVE-2023-31315: Fixed validation in a model specific register MSR that lead to modification of SMM configuration by malicious program with...

7.5CVSS7.4AI score0.00622EPSS

OSV•added 2024/08/20 9:8 a.m.•17 views

SUSE-SU-2024:2980-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: CVE-2023-31315: Fixed validation in a model specific register MSR that lead to modification of SMM configuration by malicious program with ring0 access bsc1229069...

Amazon•added 2024/08/20 12:0 a.m.•24 views

Important: linux-firmware

Issue Overview: Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. CVE-2023-31315 Affected Packages: linux-firmware Note: This advisory is...

7.5CVSS8AI score0.00622EPSS

Exploits0

OSV•added 2024/08/16 11:8 a.m.•16 views

SUSE-SU-2024:2944-1 Security update for kernel-firmware

OSV•added 2024/08/16 11:8 a.m.•10 views

SUSE-SU-2024:2943-1 Security update for kernel-firmware

Tenable Nessus•added 2024/08/15 12:0 a.m.•28 views

SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2024:2911-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2911-1 advisory. - CVE-2023-31315: Fixed validation in a model specific register MSR that lead to modification of SMM configuration by malicious program with...

7.5CVSS7.7AI score0.00622EPSS

OSV•added 2024/08/14 2:18 p.m.•21 views

SUSE-SU-2024:2911-1 Security update for kernel-firmware

NVD•added 2024/08/12 1:38 p.m.•28 views

CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS0.00622EPSS