PT-2024-10759 · Rad · Rad Secflow-2

Name of the Vulnerable Software and Affected Versions: RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 Description: The issue allows URIs beginning with /.. for Directory Traversal, as demonstrated by reading /etc/shadow. This can potentially lead to unauthorized...

CVE-2024-20832

Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2024-20831

Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2024-20831

Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code...

Stack overflow

Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attackers to execute arbitrary code...

Heap overflow

Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attacker to execute arbitrary code...

CVE-2024-20832

The CVE-2024-20832 entry concerns the Little Kernel bootloader heap overflow in Samsung devices. Affected component: Little Kernel in the bootloader; root cause: heap overflow prior to SMR Mar-2024 Release 1. Impact: local privileged attackers can execute arbitrary code. Public exploitation detai...

CVE-2024-20831

Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2024-20831

CVE-2024-20831 describes a stack overflow in the Little Kernel bootloader. The vulnerability is exploitable locally to gain privileged code execution via the bootloader on versions prior to SMR Mar-2024 Release 1. Remediation per provided documents is to update to SMR Mar-2024 Release 1 or later;...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Mar-2024 Release 1, which originates from a buffer overflow in the Little Kernel function of the...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Mar-2024 Release 1, which originates from a buffer overflow in the Little Kernel function of the...

Medium: grub2

Issue Overview: The "/boot/efi/EFI/fedora/grub.cfg" configuration file allows an unprivileged user with physical access to a computer to bypass the GRUB password protection feature on many but not all UEFI-based systems. CVE-2023-4001 Affected Packages: grub2 Issue Correction: Run dnf update grub...

PT-2024-18740 · Unknown · Little Kernel

Name of the Vulnerable Software and Affected Versions: Little Kernel in bootloader versions prior to SMR Mar-2024 Release 1 Description: A heap overflow issue in Little Kernel in bootloader allows local privileged attackers to execute arbitrary code. This issue persists even after reboots and...

PT-2024-18739 · Unknown · Little Kernel

Name of the Vulnerable Software and Affected Versions: Little Kernel in bootloader versions prior to SMR Mar-2024 Release 1 Description: The issue is a stack overflow in the Little Kernel in the bootloader, which allows local privileged attackers to execute arbitrary code. This can be exploited b...

CVE-2023-52561

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory the splash memory region set up by the bootloader. It fixes a kernel panic arm-smmu: Unhandled...

CVE-2023-52561 arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory the splash memory region set up by the bootloader. It fixes a kernel panic arm-smmu: Unhandled...

CVE-2023-52561 arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory the splash memory region set up by the bootloader. It fixes a kernel panic arm-smmu: Unhandled...

OESA-2024-1223 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate...

OESA-2024-1187 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints...

OESA-2024-1184 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints...