14 matches found
CVE-2026-37532
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotpcontinuereceive receive.c:87-89, the payloadlength for a Single Frame is extracted from a 4-bit nibble in the CAN frame data, yielding values 0-15. However, a standard CAN frame is only 8...
CVE-2025-47393 Improper Validation of Array Index in Automotive Linux OS
Memory corruption when accessing resources in kernel driver...
CVE-2025-47393
CVE-2025-47393 involves memory corruption when accessing resources in a kernel driver. Multiple feeds (NVD, Red Hat, CVE lists, CIRCL, CNNVD) reiterate the issue as memory corruption in kernel driver access, with Qualcomm chipsets repeatedly cited in related items. The available data list an atta...
CVE-2025-47393 Improper Validation of Array Index in Automotive Linux OS
Memory corruption when accessing resources in kernel driver...
CVE-2025-47322
CVE-2025-47322 involves a memory corruption (use-after-free) flaw in IOCTL handling to set mode in Qualcomm embedded platform firmware/ MSM kernel components. Affected: Qualcomm embedded platform firmware; root cause: use-after-free leading to memory corruption. Impact: potential arbitrary code e...
CVE-2025-47322 Use After Free in Automotive Linux OS
Memory corruption while handling IOCTL calls to set mode...
CVE-2025-47322 Use After Free in Automotive Linux OS
Memory corruption while handling IOCTL calls to set mode...
CVE-2025-21437 Use After Free in Automotive Linux OS
Memory corruption while processing memory map or unmap IOCTL operations simultaneously...
CVE-2025-21437 Use After Free in Automotive Linux OS
Memory corruption while processing memory map or unmap IOCTL operations simultaneously...
CVE-2025-21437
The connected sources describe CVE-2025-21437 as a race condition in Qualcomm chipset memory management: when processing memory map and unmap IOCTLs concurrently, a use-after-free causes memory corruption. Root cause is a missing synchronization between hfastrpc mem map and mem unmap operations, ...
CVE-2025-21425 Improper Access Control in Automotive Linux OS
Memory corruption may occur due top improper access control in HAB process...
CVE-2025-21425 Improper Access Control in Automotive Linux OS
Memory corruption may occur due top improper access control in HAB process...
CVE-2025-21425
CVE-2025-21425 affects Qualcomm chipsets (HAB process) with memory corruption caused by improper access control. Impact is high (confidentiality, integrity, availability per sources). Exploitation status not indicated in the provided documents; details on affected versions are not consistently pr...
CVE-2022-24595
Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP or WebSocket request to the socket listened by the afb-daemon process. No...