Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acrn vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-15687
Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a co...
Linuxfoundation Acrn 1.6.1
Linuxfoundation Acrn 2.0
445
VMScore
CVE-2021-36143
ACRN prior to 2.5 has a hw/pci/virtio/virtio.c vq_endchains NULL Pointer Dereference.
Linux Acrn
445
VMScore
CVE-2021-36145
The Device Model in ACRN up to and including 2.5 has a devicemodel/core/mem.c use-after-free for a freed rb_entry.
Linux Acrn
445
VMScore
CVE-2021-36146
ACRN prior to 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer.
Linux Acrn
445
VMScore
CVE-2021-36147
An issue exists in ACRN prior to 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq->used.
Linux Acrn
605
VMScore
CVE-2021-36148
An issue exists in ACRN prior to 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow.
Linux Acrn
445
VMScore
CVE-2019-18844
The Device Model in ACRN prior to 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow malicious users to cause a denia...
Linux Acrn
445
VMScore
CVE-2020-28346
ACRN up to and including 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer Dereference.
Projectacrn Acrn
445
VMScore
CVE-2021-36144
The polling timer handler in ACRN prior to 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/*.c.
Linux Acrn
NA
CVE-2022-1651
A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged malicious user to leak unauthorized kernel information, causing a denial of ser...
Linux Linux Kernel
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started