Lucene search
K

1534 matches found

OSV
OSV
added 2024/10/21 12:14 p.m.15 views

CVE-2024-47727 x86/tdx: Fix "in-kernel MMIO" check

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...

7.8CVSS5.9AI score0.00247EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/10/21 11:53 a.m.24 views

CVE-2024-47716 ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros

In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FPEXC == 0xc0000780 Internal...

0.00218EPSS
Exploits0References4
OSV
OSV
added 2024/10/21 11:53 a.m.9 views

CVE-2024-47716 ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros

In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FPEXC == 0xc0000780 Internal...

5.5CVSS6AI score0.00218EPSS
Exploits0References7
Fedora
Fedora
added 2024/10/12 12:23 a.m.21 views

[SECURITY] Fedora 41 Update: kernel-headers-6.11.3-300.fc41

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

7.1CVSS6.5AI score0.00224EPSS
Exploits0
NVD
NVD
added 2024/10/07 1:15 p.m.13 views

CVE-2024-21455

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver...

7.8CVSS0.00169EPSS
Exploits0References1
CVE
CVE
added 2024/10/07 12:58 p.m.62 views

CVE-2024-23374

CVE-2024-23374 affects Qualcomm chipsets with a haptics subsystem that exposes a haptics debugfs file. The vulnerability allows memory corruption when a userspace or console process writes a haptics pattern to the debugfs file, caused by the underlying memory handling. CVSS details indicate a LOC...

6.7CVSS6.7AI score0.0011EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/07 12:58 p.m.20 views

CVE-2024-21455 Untrusted Pointer Dereference in DSP Service

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver...

7.8CVSS0.00169EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.5 views

PT-2024-18880 · Qualcomm · Snapdragon +19

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. This can lead to...

7.8CVSS6.7AI score0.00169EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.7 views

PT-2024-19850 · Qualcomm · Snapdragon +25

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. This...

6.7CVSS7.2AI score0.0011EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: powerpc/pseries: Whitelist dtl slub object for copying to userspace

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...

5.5CVSS6.6AI score0.00225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: scsi: qedf: Ensure the copied buf is NUL terminated

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...

4.4CVSS6.9AI score0.00253EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values

A vulnerability was found in the cfg80211 component in the Linux kernel, where a lack of proper range validation applied to the NL80211ATTRTXQQUANTUM can lead to a scenario where the userspace passes an extremely high value that the kernel is not designed to handle efficiently ex. 2^31. This can...

4.4CVSS6.7AI score0.00174EPSS
Exploits0References5
OSV
OSV
added 2024/09/18 8:15 a.m.1 views

UBUNTU-CVE-2024-46792

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory rawcopyto,fromuser do not call accessok, so this code allowed userspace to access any virtual memory address...

3.3CVSS6.5AI score0.00183EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/09/18 7:12 a.m.22 views

CVE-2024-46792 riscv: misaligned: Restrict user access to kernel memory

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory rawcopyto,fromuser do not call accessok, so this code allowed userspace to access any virtual memory address...

0.00183EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/18 7:12 a.m.15 views

CVE-2024-46792 riscv: misaligned: Restrict user access to kernel memory

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory rawcopyto,fromuser do not call accessok, so this code allowed userspace to access any virtual memory address...

6.9AI score0.00183EPSS
Exploits0References2
OSV
OSV
added 2024/09/16 5:2 a.m.15 views

RHSA-2021:1804 Red Hat Security Advisory: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update

Bulletin has no description...

7.8CVSS7AI score0.00629EPSS
Exploits1References58
Positive Technologies
Positive Technologies
added 2024/09/09 12:0 a.m.6 views

PT-2024-21854 · Samsung · Exynos 1330 +8

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor Exynos versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930 Description: An issue was discovered in the function slsi rx scan...

5.5CVSS6.9AI score0.00162EPSS
Exploits0References6
CVE
CVE
added 2024/09/09 12:0 a.m.65 views

CVE-2024-27365

CVE-2024-27365 affects Samsung Mobile Processor Exynos family: Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, and Exynos W930. The root cause is missing input validation for a length value from userspace in the function slsi_rx_blockack_ind()...

5.5CVSS6.9AI score0.00174EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/09/05 5:15 a.m.15 views

CVE-2024-32668

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, whic...

8.2CVSS0.00213EPSS
Exploits0References2
NVD
NVD
added 2024/09/05 5:15 a.m.20 views

CVE-2024-45063

The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process,...

9.8CVSS0.00521EPSS
Exploits0References2
Rows per page
Query Builder