CVE-2019-2249

Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081,...

CVE-2025-51060

An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSRLSTAR and hook KiSystemCall64. Afterward,...

CVE-2024-35871

In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...

CVE-2024-35871

CVE-2024-35871 concerns a kernel-level issue in riscv process handling that leaks the kernel global pointer (gp) via user-space observables. The vulnerability stems from how childregs (the user-context registers during syscall) can expose kernel gp in several ways (e.g., after execve, via ptrace,...