PT-2026-44260

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Multipath TCP MPTCP implementation. The mptcp pm add timer helper function, which operates as a timer callback in softirq context, fails to properly hold the...

PT-2025-51672

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the KVM SVM component. Specifically, when re-injecting a soft interrupt from an INT3 instruction, the system may discard the exception and retry t...

DEBIAN-CVE-2024-56638

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...

AZL-67761 CVE-2024-35971 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851irq thread may call ks8851rxpkts in case there are any packets in the MAC FIFO, which calls netifrx. This netifrx implementation is guarded by...

kernel: dm thin: Fix UAF in run_timer_softirq()

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

PT-2022-21899 · Insyde · Insydeh2O Uefi Firmware

Name of the Vulnerable Software and Affected Versions: InsydeH2O UEFI firmware kernel versions prior to 5.2: 05.27.25 InsydeH2O UEFI firmware kernel versions prior to 5.3: 05.36.25 InsydeH2O UEFI firmware kernel versions prior to 5.4: 05.44.25 Description: DMA transactions targeted at input buffe...

Insyde InsydeH2O 缓冲区错误漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. The vulnerability can be exploited to read or write or manipulate data to SMRAM, resulting in an escalation...

CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

Design/Logic Flaw

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

DEBIAN-CVE-2016-9377

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging IDT entry miscalculation...

CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

UBUNTU-CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

ALPINE-CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

DEBIAN-CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

Fedora 24 : xen (2016-95c104a4c6)

xen : various security flaws 1397383 x86 null segments not always treated as unusable XSA-191, CVE-2016-9386 x86 task switch to VM86 mode mis-handled XSA-192, CVE-2016-9382 x86 segment base write emulation lacking canonical address checks XSA-193, CVE-2016-9385 x86 64-bit bit test instruction...

CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

CVE-2014-7156

The x86emulate function in arch/x86/x86emulate/x86emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service guest crash via unspecified vectors...