486 matches found
CLSA-2023-1690287378 kernel: Fix of 28 CVEs
ALSA: pcm: Fix races among concurrent prealloc proc writes CVE-2022-1048 - ALSA: pcm: Fix races among concurrent prepare and hwparams/hwfree calls CVE-2022-1048 - ALSA: pcm: Fix races among concurrent read/write and buffer changes CVE-2022-1048 - ALSA: pcm: Fix races among concurrent hwparams and...
CLSA-2023-1686651204 kernel: Fix of 25 CVEs
cgroup: Use open-time cgroup namespace for process migration perm checks CVE-2021-4197 - cgroup: Use open-time credentials for process migraton perm checks CVE-2021-4197 - vt: drop old FONT ioctls CVE-2021-33656 - fbmem: Check virtual screen sizes in fbsetvar CVE-2021-33655 - fbcon: Prevent that...
kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...
kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...
kernel: USB-accessible buffer overflow in brcmfmac
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges...
OESA-2023-1210 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return...
OESA-2023-1211 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: Kernel: A denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.cCVE-2023-28328 A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c ...
DEBIAN-CVE-2023-1380
A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when associnfo-reqlen data is bigger than the size of the buffer, defined as WLEXTRABUFMAX, leading to a denial of service...
CVE-2023-1380
A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when associnfo-reqlen data is bigger than the size of the buffer, defined as WLEXTRABUFMAX, leading to a denial of service...
The vulnerability of the brcmf_get_assoc_ies() function in the driver drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c of the Linux kernel allows a attacker to access protected information or cause a service failure.
The vulnerability of the brcmfgetassocies function in the driver drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c of the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to access protected...
The vulnerability of the brcmf_cfg80211_mgmt_tx function in the Linux kernel’s drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c file allows a hacker to cause system failures or gain increased privileges.
The vulnerability of the brcmfcfg80211mgmttx function in the Linux kernel’s drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c file is related to buffer overflow attacks. Exploiting this vulnerability can allow attackers to cause system failures or gain increased privileges...
K50081147: Linux kernel vulnerabilities CVE-2019-9500, CVE-2019-9503
Security Advisory Description CVE-2019-9500 The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap...
SUSE CVE-2016-8658
Stack-based buffer overflow in the brcmfcfg80211startap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service system crash or possibly have unspecified other impact via a long SSID Information Eleme...
GSD-2023-1002025 wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads
wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by...
PT-2023-34923 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue is related to out-of-bounds reads in the wifi brcmfmac driver. It is noted that the actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...
GSD-2023-1001347 brcmfmac: return error when getting invalid max_flowrings from dongle
brcmfmac: return error when getting invalid maxflowrings from dongle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001338 wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()
wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001022 brcmfmac: return error when getting invalid max_flowrings from dongle
brcmfmac: return error when getting invalid maxflowrings from dongle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1001013 wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()
wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000596 brcmfmac: return error when getting invalid max_flowrings from dongle
brcmfmac: return error when getting invalid maxflowrings from dongle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...