221 matches found
kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer...
DEBIAN-CVE-2021-47465
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idlekvmstartguest In commit 10d91611f426 "powerpc/64s: Reimplement book3s idle code in C" kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the emergency...
UBUNTU-CVE-2021-47465
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idlekvmstartguest In commit 10d91611f426 "powerpc/64s: Reimplement book3s idle code in C" kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the emergency...
CVE-2021-47465 KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idlekvmstartguest In commit 10d91611f426 "powerpc/64s: Reimplement book3s idle code in C" kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the emergency...
DEBIAN-CVE-2022-48697
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blkmqcompleterequestremote+0xac/0x350 Read of size 4 at addr 0000607bd1835943 by task...
PT-2024-12064 · Lenovo · Smart Edge +2
Name of the Vulnerable Software and Affected Versions: Lenovo Desktop, Smart Edge, and ThinkStation products affected versions not specified Description: A potential issue was reported in the BIOS of some Lenovo products, including Desktop, Smart Edge, and ThinkStation, that could allow a local...
UBUNTU-CVE-2023-52488
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent $00, followed by all the FIFO data without having to...
SUSE CVE-2023-52488
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent $00, followed by all the FIFO data without having to...
DEBIAN-CVE-2023-6356
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
UBUNTU-CVE-2023-6356
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
kernel: NULL pointer dereference in nvmet_tcp_execute_request
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...
The vulnerability of the __nvmet_reqComplete() function in the drivers/nvme/target/tcp.c file of the Linux NVMe kernel driver allows a hacker to trigger a service failure.
The vulnerability of the nvmetreqComplete function in the drivers/nvme/target/tcp.c file of the Linux NVMe driver kernel involves the assignment of a null pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
InsideBitcoins Review – Best Platform To Catch Up on Crypto News?
By Owais Sultan The volatile state the crypto market is in has made it a requirement for investors and traders to… This is a post from HackRead.com Read the original post: InsideBitcoins Review - Best Platform To Catch Up on Crypto News?...
Unrestricted Unwrap Fee Changes: Instability, Market Disruption, and Loss of Trust
Lines of code Vulnerability details Impact The current changeUnwrapFee function in the Ocean smart contract allows the owner to change the unwrap fee divisor with no restrictions, leading to several negative impacts: 1. Unstable Unwrap Fees: Frequent changes in the divisor can cause instability a...
[SECURITY] Fedora 37 Update: microcode_ctl-2.1-53.3.fc37
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
[SECURITY] Fedora 39 Update: microcode_ctl-2.1-58.fc39
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
[SECURITY] Fedora 38 Update: microcode_ctl-2.1-55.2.fc38
The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...
kernel: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...
Intel(R) Optane(TM) SSD Security Vulnerability
Intel Optane SSD is a new type of non-volatile memory from Intel Corporation USA. A security vulnerability exists in Intel Optane SSD and Intel Optane SSD DC. Exploitation of this vulnerability by an attacker could result in privilege escalation, information disclosure, or denial of service...
SUSE CVE-2023-4807
Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...