CVE-2018-9580

A Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-76222002...

DigiDuck Framework - Framework For Digiduck Development Boards Running ATTiny85 Processors And Micronucleus Bootloader

Framework for Digiduck Development Boards running ATTiny85 processors and micronucleus bootloader! Roadmap: Plan to implement a command for Duckyspark translation within the framework. Requirements: - ATTiny85 or other compatible "Digispark" Development Boards - DigiSpark Drivers If you can use...

Google Android Bootloader Integer Overflow Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Bootloader is a bootloader. An integer overflow vulnerability exists in Bootloader in Android. An attacker can exploit this vulnerability to cause a buffer overflow...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to mitigate security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.153/: Upgraded. This kernel update enables mitigations for L1 Terminal Fault aka Foreshadow and Foreshadow-NG vulnerabilities. Thank...

CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...

CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...

CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

CVE-2017-3226

CVE-2017-3226 concerns Das U-Boot’s AES-CBC environment encryption (CONFIG_ENV_AES=y). A crafted two‑byte sequence in the encrypted environment data can trigger an error during environment variable parsing, which is improperly handled and leads to an immediate process termination with a debugging...

CVE-2017-3225

CVE-2017-3225 concerns Das U-Boot, a device bootloader that reads configuration from an AES-CBC encrypted file. The vulnerability stems from U-Boot using a zero initialization vector (IV) in AES-CBC, which enables dictionary-like attacks on encrypted data to learn information about the ciphertext...

Google Android Qualcomm bootloader information disclosure vulnerability (CNVD-2018-17505)

Android on Google Pixel and Nexus is an open source Linux-based operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA.Qualcomm Bootloader is a bootloader developed by Qualcomm using the Qualcomm Bootloader is a bootloader developed by...

Android Qualcom bootloader information disclosure vulnerability

Android on Google Pixel and Nexus is an open source Linux-based operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA.Qualcomm Bootloader is a bootloader developed by Qualcomm using the Qualcomm Bootloader is a bootloader developed by...

Google Android Qualcomm Bootloader Buffer Overflow Vulnerability

Android on Google Pixel and Nexus is an open source Linux-based operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA.Qualcomm Bootloader is a bootloader developed by Qualcomm using the Qualcomm Bootloader is a bootloader developed by...

DENX Software Engineering U-Boot Input Validation Vulnerability

DENX Software Engineering U-Boot is a bootloader from DENX Software Engineering, Germany, that can read device configuration from AES encrypted files. An input validation vulnerability exists in the Verified boot signature verification in DENX Software Engineering U-Boot. An attacker could exploi...

Bootloader vulnerability in OnePlus 6 lets an attacker take control of the device

By Waqas An IT security researcher has discovered a critical vulnerability in OnePlus This is a post from HackRead.com Read the original post: Bootloader vulnerability in OnePlus 6 lets an attacker take control of the device...

OnePlus 6 Flaw Allows to Boot Any Image Even With Locked Bootloader

Have you recently bought a OnePlus 6? Don't leave your phone unattended. A serious vulnerability has been discovered in the OnePlus 6 bootloader that makes it possible for someone to boot arbitrary or modified images to take full admin control of your phone—even if the bootloader is locked. A...

OnePlus 6 Flaw Allows to Boot Any Image Even With Locked Bootloader

Have you recently bought a OnePlus 6? Don't leave your phone unattended. A serious vulnerability has been discovered in the OnePlus 6 bootloader that makes it possible for someone to boot arbitrary or modified images to take full admin control of your phone—even if the bootloader is locked. A...

Google Android Qualcomm component elevation of privilege vulnerability (CNVD-2018-12659)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the Google Android Qualcomm component Bootloader. An attacker can exploit this vulnerability to achieve elevation of privilege...

Google Android MediaTek component elevation of privilege vulnerability (CNVD-2018-13158)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the Google Android MediaTek component bootloader. An attacker can exploit this vulnerability to achieve elevation of privilege...

Google Android Qualcomm component elevation of privilege vulnerability (CNVD-2018-12663)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the Google Android Qualcomm component Bootloader. An attacker can exploit this vulnerability to achieve elevation of privilege...