Linux Acrn
By the Year
In 2024 there have been 0 vulnerabilities in Linux Acrn . Acrn did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 6 | 7.55 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 7.50 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Acrn vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Linux Acrn Security Vulnerabilities
An issue was discovered in ACRN before 2.5
CVE-2021-36148
7.8 - High
- July 02, 2021
An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow.
Classic Buffer Overflow
An issue was discovered in ACRN before 2.5
CVE-2021-36147
7.5 - High
- July 02, 2021
An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq->used.
NULL Pointer Dereference
ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer.
CVE-2021-36146
7.5 - High
- July 02, 2021
ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer.
NULL Pointer Dereference
The Device Model in ACRN through 2.5 has a devicemodel/core/mem.c use-after-free for a freed rb_entry.
CVE-2021-36145
7.5 - High
- July 02, 2021
The Device Model in ACRN through 2.5 has a devicemodel/core/mem.c use-after-free for a freed rb_entry.
Dangling pointer
The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device
CVE-2021-36144
7.5 - High
- July 02, 2021
The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/*.c.
Dangling pointer
ACRN before 2.5 has a hw/pci/virtio/virtio.c vq_endchains NULL Pointer Dereference.
CVE-2021-36143
7.5 - High
- July 02, 2021
ACRN before 2.5 has a hw/pci/virtio/virtio.c vq_endchains NULL Pointer Dereference.
NULL Pointer Dereference
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might
CVE-2019-18844
7.5 - High
- November 13, 2019
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.
assertion failure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Linux Acrn or by Linux? Click the Watch button to subscribe.
