CVE-2025-20892

CVE-2025-20892 concerns a protection mechanism failure in the bootloader of Samsung Mobile devices prior to SMR January 2025 Release 1. The issue enables physical attackers to execute the fastboot command, with user interaction required to trigger it. Reported impact scores (CVSS v3.1) indicate a...

PT-2025-4174 · Smr · Smr

Name of the Vulnerable Software and Affected Versions: SMR versions prior to January 2025 Release 1 Description: A failure in the protection mechanism of the bootloader allows physical attackers to execute the fastboot command. User interaction is required to trigger this issue. Recommendations:...

CVE-2018-9369

In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2018-9369

In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

Android Pixel Information Disclosure Vulnerability

Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices...

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component CVE-2024-29748 - A...

PT-2024-2945 · Google · Android Pixel

Name of the Vulnerable Software and Affected Versions: Android Pixel versions affected versions not specified Description: The issue is related to an Information Disclosure vulnerability due to uninitialized data. This could lead to local information disclosure with no additional execution...

VulnCheck KEV: CVE-2024-29745

Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices...

PAX Technology A920 Security Vulnerability

PAX Technology A920 is an Android mobile payment terminal from PAX Technology. A security vulnerability exists in PAX Technology A920 PayDroid8.1.0SagittariusV11.1.4520230314 and earlier versions, which originates from allowing to overwrite the signature partition, and can be exploited by an...

PAX Technology A920 Security Vulnerability

PAX Technology A920 is an Android mobile payment terminal from PAX Technology. A security vulnerability exists in PAX Technology A920 PayDroid8.1.0SagittariusV11.1.4520230314 and prior versions, which originates from the ability to bypass input validation when refreshing a specific partition, and...

Fastboot Fuzzing

TL;DR The Fastboot protocol can often have hidden commands Those commands can do interesting things Conventionally they’re found by reverse engineering Cant find a copy of the firmware? Guess the commands A custom implementation of the protocol enables fuzzing via dictionary or brute force A simp...

kexec-tools bug fix update

An update is available for kexec-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kexec-tools packages contain the /sbin/kexec binary and utilities tha...

kexec-tools bug fix update

An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kexec-tools packages contain the /sbin/kexec binary and utilities tha...

CVE-2022-22079

Denial of service while processing fastboot flash command on mmc due to buffer over read...

CVE-2022-22079 Buffer Over-read in BOOT

Denial of service while processing fastboot flash command on mmc due to buffer over read...

CVE-2022-22079

CVE-2022-22079 affects Qualcomm bootloader components used in Android devices (notably with fastboot flash on MMC). The root cause is a buffer over-read in the fastboot flash processing, leading to Denial of Service with an availability impact described as High. Exploitation requires physical acc...

CVE-2022-22079 Buffer Over-read in BOOT

Denial of service while processing fastboot flash command on mmc due to buffer over read...

PT-2023-12680 · Qualcomm · Snapdragon +38

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a denial of service that occurs while processing the fastboot flash command on mmc due to a buffer over read. Recommendations: A...

[SECURITY] Fedora 37 Update: android-tools-33.0.3p1-1.fc37

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

[SECURITY] Fedora 35 Update: android-tools-33.0.3p1-2.fc35

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...