USN-6686-2: Linux kernel vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

CVE-2024-27225

In sendHciCommand of bluetoothhci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

Ubuntu: Security Advisory (USN-6686-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6680-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

USN-6686-1 linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-nvidia vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets due to a memory corruption when processing IOCTL FM HCI WRITE requests...

Ubuntu: Security Advisory (USN-6625-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6625-2: Linux kernel (GCP) vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

USN-6625-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

USN-6625-1: Linux kernel vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

The vulnerabilities of HCI (Host Controller Interface) and SCI interfaces, which operate according to the IEC 60870-5-104 standard, and are found in Hitachi Energy RTU500 programmable logic controllers, allow a perpetrator to trigger a service failure.

The vulnerabilities of HCI Host Controller Interface and SCI interfaces, which operate according to the IEC 60870-5-104 standard, in Hitachi Energy RTU500 programmable logic controllers, are related to insufficient verification of input data. Exploiting these vulnerabilities can allow an attacker...

CVE-2022-3746

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...

Design/Logic Flaw

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...

CVE-2022-3746

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

PT-2023-17780 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the btm ble process periodic adv sync lost evt function of ble scanner hci interface.cc. This could lead to local information disclosure,...

CVE-2021-3329

Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack...

SUSE CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

CVE-2023-0396

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses...

The vulnerability of the NFC controller interface (NCI) in the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the NFC controller interface NCI in the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...