A vulnerability, which was classified as critical, has been found in ACRN up to 2.4. Affected by this issue is an unknown part of the file devicemodel/hw/pci/virtio/*.c of the component Polling Timer. Upgrading to version 2.5 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
ACRN up to 2.4 Polling Timer *.c use after free
- Virtual Patching
- July 3, 2021
- 9:04 am
Contact us to get started
CVE-2023-1424 : MITSUBISHI ELECTRIC MELSEC IQ-F PACKETS BUFFER OVERFLOW
Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU
CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL
Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE
CVE-2023-32336 : IBM INFOSPHERE INFORMATION SERVER 11.7 RMI SERVICE DESERIALIZATION
Description IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an