69 matches found
CVE-2025-65822
CVE-2025-65822 concerns the ESP32 SoC in the Meatmeet Pro, where JTAG is left enabled. The Red Hat/NVD/CNNVD and related entries describe that a physical attacker can connect via the JTAG port on a Meatmeet Pro device and reflash firmware with malicious code, potentially causing loss of device fu...
CVE-2025-40263
In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb - fix an invalid memory access If croseckeybregistermatrix isn't called due to buttonsswitchesonly in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access is observed in croseckeybprocess when...
OESA-2025-2658 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufsnewfile failure It's called from spufsfilldir, and caller of that will do spufsrmdir in case of failure. That does remove everything we...
PT-2025-49093
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where an invalid memory access can occur in the cros ec keyb process function when receiving an EC MKBP EVENT KEY MATRIX event. This happens if cros ec...
EUVD-2022-43099
Malicious code in bioql PyPI...
EUVD-2022-43102
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-50125
In the Linux kernel, the following vulnerability has been resolved: ASoC: croseccodec: Fix refcount leak in croseccodecplatformprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
CVE-2022-3746
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...
DEBIAN-CVE-2025-37781
In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also be reproduced by...
UBUNTU-CVE-2025-37781
In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also be reproduced by...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from i2c-cros-ec-tunnel not delaying detection when the parent EC does not exist...
kernel: ACPI: EC: Fix oops when removing custom query handlers
A flaw was found in the Linux kernel's ACPI Embedded Controller EC subsystem. When removing custom query handlers, a kernel oops can occur if the handler is still being executed in the EC query workqueue while the module containing the callback function is being unloaded. The fix ensures the...
kernel: ACPI: EC: Fix oops when removing custom query handlers
A flaw was found in the Linux kernel's ACPI Embedded Controller EC subsystem. When removing custom query handlers, a kernel oops can occur if the handler is still being executed in the EC query workqueue while the module containing the callback function is being unloaded. The fix ensures the...
CVE-2022-3746
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...
CVE-2022-3743
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller EC commands...
CVE-2022-3746
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...
Design/Logic Flaw
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...
CVE-2022-3746
Summary of vulnerability (CVE-2022-3746) : The issue affects Lenovo consumer notebook models using LCFC BIOS, where an exposed Embedded Controller (EC) interface can be leveraged by a local attacker with elevated privileges to cause certain peripherals to behave abnormally. The available sources ...
CVE-2022-3746
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller EC interface...
CVE-2022-3743
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller EC commands...