cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-36143,https://securityvulnerability.io/vulnerability/CVE-2021-36143,,ACRN before 2.5 has a hw/pci/virtio/virtio.c vq_endchains NULL Pointer Dereference.,Linux,Acrn,7.5,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-07-02T21:25:09.000Z,0
CVE-2021-36144,https://securityvulnerability.io/vulnerability/CVE-2021-36144,,"The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/*.c.",Linux,Acrn,7.5,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-07-02T21:24:57.000Z,0
CVE-2021-36145,https://securityvulnerability.io/vulnerability/CVE-2021-36145,,The Device Model in ACRN through 2.5 has a devicemodel/core/mem.c use-after-free for a freed rb_entry.,Linux,Acrn,7.5,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-07-02T21:24:48.000Z,0
CVE-2021-36146,https://securityvulnerability.io/vulnerability/CVE-2021-36146,,ACRN before 2.5 has a devicemodel/hw/pci/xhci.c NULL Pointer Dereference for a trb pointer.,Linux,Acrn,7.5,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-07-02T21:24:35.000Z,0
CVE-2021-36147,https://securityvulnerability.io/vulnerability/CVE-2021-36147,,An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq->used.,Linux,Acrn,7.5,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-07-02T21:24:22.000Z,0
CVE-2021-36148,https://securityvulnerability.io/vulnerability/CVE-2021-36148,,An issue was discovered in ACRN before 2.5. dmar_free_irte in hypervisor/arch/x86/vtd.c allows an irte_alloc_bitmap buffer overflow.,Linux,Acrn,7.8,HIGH,0.0008500000112690032,false,false,false,false,,false,false,2021-07-02T21:24:05.000Z,0
CVE-2020-15687,https://securityvulnerability.io/vulnerability/CVE-2020-15687,,"Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime.",Linux,Acrn,7.5,HIGH,0.0013800000306218863,false,false,false,false,,false,false,2020-08-31T15:39:24.000Z,0
CVE-2019-18844,https://securityvulnerability.io/vulnerability/CVE-2019-18844,,"The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of service (assertion failure) within pci core. This is fixed in 1.2. 6199e653418e is a mitigation for pre-1.1 versions, whereas 2b3dedfb9ba1 is a mitigation for 1.1.",Linux,Acrn,7.5,HIGH,0.004019999876618385,false,false,false,false,,false,false,2019-11-13T19:12:37.000Z,0