Page 63 of 716 results (0.019 seconds)

CVSS: 5.3EPSS: 0%CPEs: 44EXPL: 0

CVE-2020-12888 – Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

https://notcve.org/view.php?id=CVE-2020-12888

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. El controlador VFIO PCI en el kernel de Linux versiones hasta 5.6.13, maneja inapropiadamente los intentos para acceder al espacio de memoria deshabilitado. A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the read/write devices' MMIO address space when it is disabled, some h/w devices issue an interrupt to the CPU to indicate a fatal error condition, crashing the system. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://www.openwall.com/lists/oss-security/2020/05/19/6 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 3.5EPSS: 0%CPEs: 13EXPL: 1

CVE-2020-11526 – freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later

https://notcve.org/view.php?id=CVE-2020-11526

libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. El archivo libfreerdp/core/update.c en FreeRDP versiones posteriores a 1.1 hasta 2.0.0-rc4, presenta una Lectura Fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-97jw-m5w5-xvf9 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://pub.freerdp.com/cve/CVE-2020-11526/pocAnalysis_4.pdf https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11526 https://bugzilla.redhat.com/show_bu • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 1

CVE-2020-11522 – freerdp: out-of-bounds read in gdi.c

https://notcve.org/view.php?id=CVE-2020-11522

libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. El archivo libfreerdp/gdi/gdi.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Lectura Fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-48wx-7vgj-fffh https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://pub.freerdp.com/cve/CVE-2020-11522/pocAnalysis_5.pdf https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11522 https://bugzilla.redhat.com/show_bu • CWE-125: Out-of-bounds Read •

CVSS: 3.5EPSS: 0%CPEs: 13EXPL: 1

CVE-2020-11525 – freerdp: out-of-bounds read in bitmap.c

https://notcve.org/view.php?id=CVE-2020-11525

libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. El archivo libfreerdp/cache/bitmap.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Lectura Fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/pull/6019/commits/58dc36b3c883fd460199cedb6d30e58eba58298c https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjg https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://pub.freerdp.com/cve/CVE-2020-11525/pocAnalysis_1.pdf https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://a • CWE-125: Out-of-bounds Read •

CVSS: 6.6EPSS: 0%CPEs: 11EXPL: 1

CVE-2020-11524 – freerdp: Out-of-bounds write in interleaved.c

https://notcve.org/view.php?id=CVE-2020-11524

libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. El archivo libfreerdp/codec/interleaved.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Escritura Fuera de límites. A flaw was found in FreeRDP between versions 1.0 and 2.0.0. An out-of-bounds memory write was found in the interleaved.c function which could allow an attacker to take over and control the RDP server, including data sent to the client. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgw8-3mp2-p5qw https://pub.freerdp.com/cve/CVE-2020-11524/pocAnalysis_3.pdf https://usn.ubuntu.com/4379-1 https://access.redhat.com/security/cve/CVE-2020-11524 https://bugzilla.redhat.com/show_bug.cgi?id=1836226 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •