421 matches found
GSD-2023-1000405 ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
ext4: fix bugon in estreesearch caused by bad boot loader inode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...
CVE-2021-46779
Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...
CVE-2021-46768
Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service...
CVE-2021-46768
Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service...
Input validation
Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service...
CVE-2021-46768
Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service...
PT-2023-1405 · Amd · Amd Secure Encrypted Virtualization (Sev) Firmware
Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization SEV firmware affected versions not specified Description: The issue is related to insufficient input validation in the SEV firmware, which may allow an attacker to perform out-of-bounds memory reads within...
PT-2025-49618
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-next-20221007-dirty 349 Description A flaw exists in the Linux kernel related to the handling of boot loader inodes. Specifically, a bug in the es tree search function within the ext4 filesystem can occur...
The vulnerability of the do_rename_gpt_parts() function (cmd/gpt.c) in the U-Boot loader for embedded Linux operating systems allows a hacker to execute arbitrary code.
The vulnerability of the dorenamegptparts function cmd/gpt.c in the U-Boot loader for embedded Linux-based operating systems is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Grub2 operating system loaders, related to the execution of operations outside the buffer boundaries, allows attackers to execute arbitrary code.
The vulnerability of Grub2 operating system loaders is related to the issue where operations occur outside of the buffer in memory when rendering certain Unicode sequences using a specially crafted font. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Nokia ASIK AirScale 5G Common System Module 安全漏洞
The Nokia ASIK AirScale 5G Common System Module is a common system unit from Nokia, Finland. A security vulnerability exists in Nokia ASIK AirScale 5G Common System Module versions 474021A.101 and 474021A.102, which arises from its boot loader loading a public key used for firmware verification...
Nokia ASIK AirScale 5G Common System Module 安全漏洞
The Nokia ASIK AirScale 5G Common System Module is a common system unit from Nokia of Finland. A security vulnerability exists in the Nokia ASIK AirScale 5G Common System Module, which arises from incorrect access control of its volatile memory containing boot code that could allow an attacker to...
DENX Software Engineering Das U-Boot 缓冲区错误漏洞
DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in DENX Software Engineering Das U-Boot that originates from an unchecked download size and direction in the USB DFU, which can be exploited by an attacker to...
CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass
...
Das U-Boot 缓冲区错误漏洞
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios & MicroBlaze. A security vulnerability exists in Das U-Boot versions v2020.10 through v2022.07-rc3. An attacker can...
Das U-Boot 缓冲区错误漏洞
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot version 2022.07-rc5 and earlier versions, which stems from...
Important: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
A flaw was found in grub2 when handling a PNG image header. When decoding the data contained in the Huffman table at the PNG file header, an out-of-bounds write may happen on grub's heap...
Important: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
grub2, mokutil, shim, and shim-unsigned-x64 security update
An update is available for shim, mokutil. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader...