VYPR

acrn-hypervisor

by ACRN

Source repositories

CVEs (8)

  • CVE-2020-28346HigMar 26, 2021
    risk 0.42cvss 7.5epss 0.01

    ACRN through 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer Dereference.

  • CVE-2019-18844HigNov 13, 2019
    risk 0.42cvss 7.5epss 0.02

    The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of…

  • CVE-2021-36148HigJul 2, 2021
    risk 0.00cvss 7.8epss 0.01

    An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow.

  • CVE-2021-36147HigJul 2, 2021
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq->used.

  • CVE-2021-36146HigJul 2, 2021
    risk 0.00cvss 7.5epss 0.01

    ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer.

  • CVE-2021-36145HigJul 2, 2021
    risk 0.00cvss 7.5epss 0.01

    The Device Model in ACRN through 2.5 has a devicemodel/core/mem.c use-after-free for a freed rb_entry.

  • CVE-2021-36144HigJul 2, 2021
    risk 0.00cvss 7.5epss 0.01

    The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/*.c.

  • CVE-2021-36143HigJul 2, 2021
    risk 0.00cvss 7.5epss 0.01

    ACRN before 2.5 has a hw/pci/virtio/virtio.c vq_endchains NULL Pointer Dereference.