495 matches found
CVE-2024-35995
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...
CVE-2024-35995 ACPI: CPPC: Use access_width over bit_width for system memory accesses
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...
CVE-2024-35995 ACPI: CPPC: Use access_width over bit_width for system memory accesses
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...
CVE-2024-35995
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...
CVE-2024-35995
CVE-2024-35995 describes a Linux kernel issue where the ACPI CPPC code misread system memory by relying on bit_width, risking incorrect memory access. The fix switches to using access_width for size calculation and reads/writes using an offset and width, with a fallback to bit_width if access_wid...
CVE-2024-26761
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...
CVE-2024-21453
Transient DOS while decoding message of size that exceeds the available system memory...
CVE-2024-21453 Improper Input Validation in Automotive Telematics
Transient DOS while decoding message of size that exceeds the available system memory...
CVE-2024-21453 Improper Input Validation in Automotive Telematics
Transient DOS while decoding message of size that exceeds the available system memory...
CVE-2024-21453
CVE-2024-21453: Affects Qualcomm chipsets; a vulnerability in the message decoding path where decoding a message larger than available system memory can cause a transient Denial of Service. The entry cites a network-based attack vector with no user interaction and high impact on availability. Pub...
CVE-2024-0154
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory...
CVE-2023-52489
A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. Thi...
CVE-2023-52489
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...
BIT-ENVOY-2022-29225 Zip bomb vulnerability in Envoy
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 secompressors accumulate decompressed data into an intermediate buffer before overwriting the body in the decode/encodeBody. This may allow an attacker to zip bomb the decompressor by sending a small highly compressed...
K000138814: OpenLDAP vulnerability CVE-2023-2953
Security Advisory Description A vulnerability was found in openldap. This security flaw causes a null pointer dereference in bermemallocx function. CVE-2023-2953. Impact This vulnerability may result in low system memory leading to failure in LDAP authentication. Security Advisory Status F5 Produ...
AMD SEV-SNP Security Vulnerability
AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP has a security vulnerability that stems from a code error...
CVE-2023-52427
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resourcelimits.maxsamples. NOTE: the vendor's position is that the product is not designed to handle a maxsamples value that is too large for the amount of memory on the system...
The vulnerability in the PMRChangeSparseMemOSMem driver of the PowerVR GPU graphics processing unit in Android and ChromeOS operating systems allows attackers to escalate their privileges.
The vulnerability of the PMRChangeSparseMemOSMem driver in the PowerVR GPU graphics processing subsystem for Android and ChromeOS systems stems from the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain increased privileg...
CVE-2023-51042
A use-after-free flaw was found in the Linux kernel's AMD GPU driver which may allow access to members of a synchronization structure after the structure is freed. This issue could allow a local user to crash the system or to access confidential system memory. Mitigation To mitigate this issue,...