Lucene search
K

8 matches found

CVE
CVE
added 6 days ago26 views

CVE-2026-49417

CVE-2026-49417 is part of two memory-safety issues in FreeBSD’s sound(4) mmap path. The advisories describe: (1) dsp_mmap_single() could overflow when validating a requested mapping, allowing a mapping to extend past the audio buffer into kernel memory (CVE-2026-45258), and (2) the audio buffer b...

7CVSS5.9AI score0.00125EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-49417 Multiple vulnerabilities in the sound(4) mmap path

Second, the audio buffer backing a mapping could be freed when the device was closed even though the mapping remained valid. The freed memory could then be reused elsewhere while still accessible through the stale mapping. The /dev/dsp device nodes are world-accessible by default. On a system wit...

0.00125EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.6 views

FreeBSD Security Advisory - FreeBSD-SA-26:27.sound

FreeBSD Security Advisory - The sound4 driver contained two memory-safety errors in its mmap2 support. First, dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and...

5.7AI score0.00149EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/03 3:49 p.m.41 views

CVE-2026-46248 wifi: ath12k: clear stale link mapping of ahvif->links_map

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

0.00121EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ath12k wireless driver failing to clear outdated mappings in ahvif-linksmap when connecting...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/05 12:54 a.m.4 views

kernel: drm/i915/dpt: Make DPT object unshrinkable

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

5.5CVSS6.8AI score0.00284EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/21 2:0 a.m.7 views

SUSE CVE-2024-35817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...

7.8CVSS6.3AI score0.00228EPSS
Exploits0References69
FreeBSD
FreeBSD
added 2021/04/06 12:0 a.m.31 views

FreeBSD -- Memory disclosure by stale virtual memory mapping

Problem Description: A particular case of memory sharing is mishandled in the virtual memory system. It is possible and legal to establish a relationship where multiple descendant processes share a mapping which shadows memory of an ancestor process. In this scenario, when one process modifies...

5.5CVSS1.3AI score0.00336EPSS
Exploits0
Rows per page
Query Builder