MT2713, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT8168, MT8175, MT8188, MT8195, MT8365, MT8666, MT8667, MT8673 Security Vulnerabilities

CVE-2023-52873

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer...

CVE-2023-52873

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer...

CVE-2023-52873

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer...

CVE-2023-52873

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer...

CVE-2023-52873 clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer...

CVE-2023-52873

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer...

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only...

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only...

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only...

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only...

CVE-2024-35842 ASoC: mediatek: sof-common: Add NULL check for normal_link string

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only...

CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only...

Unbreakable Enterprise kernel security update

[5.15.0-203.146.5.1] - Revert 'selftests/bpf: Test tail call counting with bpf2bpf and data on stack' (Samasth Norway Ananda) [Orabug: 36277693] - Revert 'tcp: fix excessive TLP and RACK timeouts from HZ rounding' (Sherry Yang) [Orabug: 36277684] [5.15.0-203.146.5] - i2c: core: Fix atomic xfer...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.328.3.el7] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207] - i2c:....

Unbreakable Enterprise kernel security update

[5.4.17-2136.328.3] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207] - i2c:...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.328.3.el8] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207] - i2c:....

Fedora 37 : linux-firmware (2023-eabbf4ca4d)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-eabbf4ca4d advisory. New firmware for AMD Zen CPUs to mitigate the AMD 'Inception' attack. Only needed for affected AMD users. ---- Update to upstream 20230804 release: * ...

Fedora 38 : linux-firmware (2023-d15f5a186a)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d15f5a186a advisory. Update to upstream 20230804 release: * Split out QCom Arm IP firmware * Merge Marvell libertas WiFi firmware * Mellanox: Add new mlxsw_spectrum...

WPAxFuzz - A Full-Featured Open-Source Wi-Fi Fuzzer

This tool is capable of fuzzing either any management, control or data frame of the 802.11 protocol or the SAE exchange. For the management, control or data frames, you can choose either the "standard" mode where all of the frames transmitted have valid size values or the "random" mode where the...

Unbreakable Enterprise kernel security update

[5.15.0-101.103.2.1] - Revert 'attr: use consistent sgid stripping checks' (Sherry Yang) [Orabug: 35346968] - Revert 'iommu: Force iommu shutdown on panic' (Boris Ostrovsky) [Orabug: 35346963] [5.15.0-101.103.2] - uek-rpm: mod-extra: Remove mt7921e.ko from extras list (Harshit Mogalapalli) ...

Multiple MediaTek chip telephony privilege elevation vulnerabilities

MediaTek chips are a variety of chips from MediaTek, a China-based MediaTek company. Several MediaTek chips telephony has elevation of privilege vulnerability, the vulnerability originated from the package format mismatch, attackers can use the vulnerability for elevation of...

Multiple MediaTek chips ims elevation of privilege vulnerabilities

MediaTek chips are a variety of chips from MediaTek, a China-based MediaTek company. Several MediaTek chips ims have an elevation of privilege vulnerability, which stems from a mismatch in the package format and can be exploited by attackers for elevation of...

Multiple MediaTek chip ril denial-of-service vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them available worldwide each year....

Multiple MediaTek chip vdec fmt local privilege elevation vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them hitting the market around the world.....

Multiple MediaTek chip cpu dvfs local privilege elevation vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips available worldwide each year. Several MediaTek...

Multiple MediaTek chip sensorhub local privilege elevation vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices a year with MediaTek chips built into them available worldwide. Several.....

Multiple MediaTek chip wlan local privilege elevation vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices a year with MediaTek chips built into them available around the world....

Multiple MediaTek chip denial of service vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them hitting the market around the world.....

Unbreakable Enterprise kernel security update

[5.15.0-1.43.4.1] - net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460936] {CVE-2022-2588} [5.15.0-1.43.4] - Revert selftests/bpf: add tests verifying unprivileged bpf behaviour (Alan Maguire) [Orabug: 34399286] - Revert selftests/bpf: Add...

Unbreakable Enterprise kernel-container security update

[5.15.0-1.43.4.1] - net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460936] {CVE-2022-2588} [5.15.0-1.43.4] - Revert selftests/bpf: add tests verifying unprivileged bpf behaviour (Alan Maguire) [Orabug: 34399286] - Revert selftests/bpf: Add...

Security update for the Linux Kernel (important)

An update that solves 48 vulnerabilities, contains 26 features and has 202 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch...

Security update for the Linux Kernel (important)

An update that solves 49 vulnerabilities, contains 26 features and has 207 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch...

Multiple MediaTek Chip Autoboot Access Control Error Vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them listed around the world each year....

Bluetooth Buffer Overflow Vulnerability in Multiple MediaTek Chips (CNVD-2022-66253)

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices a year with MediaTek chips built into them available around the world. A....

Multiple MediaTek chips compete for conditional vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them hitting the market around the world.....

Multiple MediaTek chip WLAN driver input validation error vulnerability

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips available worldwide each year. A number of MediaTek.....

Multiple MediaTek chipsaudio DSP input validation error vulnerability

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion units of MediaTek chips built into end products marketed around the world each...

Multiple MediaTek chipsaudio DSP type conversion vulnerabilities

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion units a year of terminal products with MediaTek chips built into them available.....

Multiple MediaTek Chip CCCI Input Validation Error Vulnerability

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices with MediaTek chips built into them marketed around the world each year.....

Bluetooth Buffer Overflow Vulnerability in Multiple MediaTek Chips (CNVD-2022-66252)

MediaTek Inc. is the world's fourth largest fab semiconductor company and a market leader in mobile devices, smart home applications, wireless connectivity technologies and IoT products, with approximately 1.5 billion devices a year with MediaTek chips built into them available around the world. A....

ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe

ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by...

SUSE: Security Advisory (SUSE-SU-2021:3933-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2021:3807-1)

The remote host is missing an update for...

Security update for the Linux Kernel (important)

An update that solves 6 vulnerabilities, contains one feature and has 35 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: Unprivileged BPF has been disabled...

Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally

Multiple security weaknesses have been disclosed in MediaTek system-on-chips (SoCs) that could have enabled a threat actor to elevate privileges and execute arbitrary code in the firmware of the audio processor, effectively allowing the attackers to carry out a "massive eavesdrop campaign" without....

Security update for the Linux Kernel (important)

An update that solves 6 vulnerabilities, contains one feature and has 22 fixes is now available. Description: The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: Unprivileged BPF has been disabled by default to reduce...

Security update for the Linux Kernel (important)

An update that solves 15 vulnerabilities and has 56 fixes is now available. Description: The following security bugs were fixed: CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063). CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which...