360 matches found
CVE-2022-49556
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
UBUNTU-CVE-2022-49556
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
CVE-2022-49154
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guestirq is coming from KVMIRQFD API call, it may trigger crash in svmupdatepiirte due to out-of-bounds: crash bt PID: 22218 TASK: ffff951a6ad74980 CPU: 73 COMMAND: "vcpu8" 0...
DEBIAN-CVE-2022-49133
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to flush deferredlist work, but if deferredlist work mmput release the las...
CVE-2022-49133
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to flush deferredlist work, but if deferredlist work mmput release the las...
UBUNTU-CVE-2022-49133
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to flush deferredlist work, but if deferredlist work mmput release the las...
CVE-2022-49556 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
CVE-2022-49556
The CVE-2022-49556 issue affects the Linux kernel KVM: SVM sev ioctl interfaces. It could cause leakage of uninitialized kernel memory when the length parameter is between SEV_FW_BLOB_MAX_SIZE and the returned data, due to using kmalloc. The fix uses kzalloc for sev ioctl interfaces to allocate c...
CVE-2022-49556 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
CVE-2022-49154
The CVE-2022-49154 entry is validated by connected advisories describing a Linux kernel KVM SVM issue: an out-of-bounds guest IRQ in svm_update_pi_irte() could crash when guest_irq comes via KVM_IRQFD. The root cause is an out-of-bounds access that could trigger a crash; the mitigation is a kerne...
CVE-2022-49154 KVM: SVM: fix panic on out-of-bounds guest IRQ
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guestirq is coming from KVMIRQFD API call, it may trigger crash in svmupdatepiirte due to out-of-bounds: crash bt PID: 22218 TASK: ffff951a6ad74980 CPU: 73 COMMAND: "vcpu8" 0...
CVE-2022-49133 drm/amdkfd: svm range restore work deadlock when process exit
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to flush deferredlist work, but if deferredlist work mmput release the las...
CVE-2022-49133 drm/amdkfd: svm range restore work deadlock when process exit
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to flush deferredlist work, but if deferredlist work mmput release the las...
CVE-2024-57897
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize this solution,...
CVE-2024-57897 drm/amdkfd: Correct the migration DMA map direction
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize this solution,...
CVE-2024-50115
CVE-2024-50115 is a Linux kernel vulnerability affecting KVM nSVM where loading PDPTEs from memory incorrectly handles nCR3[4:0]. The issue can cause an out-of-bounds read if a target page is at the end of a memslot, due to not enforcing 32-byte alignment when PAE paging is used. The root cause i...
CVE-2024-50115 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...
RockyLinux 9 : kernel (RLSA-2024:8162)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8162 advisory. kernel: Local information disclosure on IntelR AtomR processors CVE-2023-28746 kernel: netfilter: nftflowoffload: reset dst in route object after setting...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2344)
"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00processels Commit...
ROS-20240812-16
Vulnerability of the dovccioctl function in the net/atm/ioctl.c module of the ATM Asynchronous Transfer Mode network protocol implementation of the Linux kernel is related to the reuse of a previously exploited ATM protocol. Asynchronous Transfer Mode kernel of the Linux operating system is relat...