OESA-2023-1782 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open, aka a race...

PT-2023-13294 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: Memory corruption occurs due to improper validation of an array index when a malformed APDU is sent from a card. Recommendations: At the moment, there is no information about a newer version...

SUSE CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open() aka a race condition between scr24x_open() and scr24x_remove().

...

UBUNTU-CVE-2022-44034

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24xcs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open, aka a race condition between scr24xopen and scr24xremove...

QEMU path traversal vulnerability (CNVD-2020-47039)

QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A path traversal vulnerability exists in ati2dblt in QEMU's ATI VGA devices. The vulnerability stems from the failure of a...

Wudfhost.exe crashes when you plug in a USB-ICCD-compliant smart card device into a Windows computer

Wudfhost.exe crashes when you plug in a USB-ICCD-compliant smart card device into a Windows computer Symptoms Assume that you plug in a USB-ICCD-compliant smart card device into a computer that is running Windows 8, Windows Server 2012, Windows 7 Service Pack 1 SP1, or Windows Server 2008 R2 SP1...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:1241-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

Integer overflow

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

CVE-2017-5898

CVE-2017-5898 affects Quick Emulator (QEMU) when built with CCID Card device emulator support. The vulnerability is an integer overflow in the emulated_apdu_from_guest function (usb/dev-smartcard-reader.c) that allows a local user to crash the QEMU host process by sending a large APDU unit, causi...

SUSE SLES12 Security Update : qemu (SUSE-SU-2017:0661-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...

3 6 0 Marvel Team virtualization vulnerabilities the fourth bomb: CVE-2 0 1 5-8 5 6 7 vulnerability analysis-vulnerability warning-the black bar safety net

2 0 1 5 years is“the cloud leap”year, is also a virtualization vulnerability really is people cognition, attention of a year, unwilling to“like the wind”3 6 0 Marvel Team take the initiative, with practical actions for cloud computing escort. As of today, we accumulated in kvm, xen, vmware platfo...