CVE-2020-0576

Buffer overflow in IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access...

CVE-2020-0578

CVE-2020-0578 affects Intel Modular Server MFS2600KI Compute Module (and variants in related disclosures) with improper conditions check allowing unauthenticated privilege escalation via adjacent access. Intel issued a Product Discontinuation Notice and did not provide mitigations; affected custo...

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module

Intel has stomped out high-severity flaws in its Next Unit Computing NUC mini PC firmware, and in its Modular Server MFS2600KISPP Compute Module. Overall, Intel addressed nine vulnerabilities across six products in its April security update – two of those being high-severity, and the rest being...

Attack matrix for Kubernetes

Kubernetes, the most popular container orchestration system and one of the fastest-growing projects in the history of open source, becomes a significant part of many companies’ compute stack. The flexibility and scalability of containers encourage many developers to move their workloads to...

The vulnerability of the built-in software in Intel NUC Kits and Intel Compute Sticks is related to buffer overflow vulnerabilities, which allow attackers to exploit their privileges.

The vulnerability of the built-in software in Intel NUC Kits and Intel Compute Sticks is related to buffer overflow vulnerabilities. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability in the built-in software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards arises from the execution of operations outside the buffer in memory, allowing attackers to exploit their privileges.

The vulnerability in the built-in software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability in the built-in software of the Intel NUC Kit and Intel Compute Stick exists due to insufficient testing of input data, allowing attackers to exploit it to gain increased privileges.

The vulnerability in the built-in software of Intel NUC Kits and Intel Compute Sticks exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the built-in software in Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards lies in the ability to write beyond the buffer boundaries of memory, allowing attackers to exploit their privileges.

The vulnerability in the built-in software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards relates to writing beyond the buffer boundaries of memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability in the built-in software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards exists due to insufficient testing of input data. This allows attackers to exploit it to gain increased privileges.

The vulnerability in the built-in software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability in the built-in software of Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards is caused by a full integer overflow, allowing an attacker to exploit their privileges.

The vulnerability of the built-in software in Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards is caused by a numerical overflow. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the built-in software in Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards is related to lack of access control, allowing attackers to increase their privileges.

The vulnerability of the built-in software in Intel NUC Kits, Intel Compute Sticks, and Intel Compute Cards is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2019-2311

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2019-14048

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150...

CVE-2019-14081

Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networki...

CVE-2019-14068

Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009...

CVE-2019-14086

Possible integer overflow while checking the length of frame which is a 32 bit integer and is added to another 32 bit integer which can lead to unexpected result during the check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

CVE-2019-10612

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure...

CVE-2019-10616

Possibility of null pointer access if the SPDM commands are executed in the non-standard way in TZ. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

CVE-2019-10569

Stack buffer overflow due to instance id is misplaced inside definition of hardware accelerated effects in makefile in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, APQ8098, MDM9607, MDM9640, MSM8998, QCS605, SC8180X, SDM439, SDM630, SDM636, SDM660,...

CVE-2019-10552

Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...