485 matches found
PT-2025-37981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the communication buffer allocated by setup mm hdr was not contiguous, despite being expected to be by tee shm register kernel buf. This could le...
CVE-2025-25734
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 contain an unauthenticated EFI shell that can be leveraged to execute arbitrary code or escalate privileges during boot. Root cause is an EFI shell exposure in the RSU firmware; aff...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...
SUSE CVE-2025-38585
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...
UBUNTU-CVE-2025-38585
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...
CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...
CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...
CVE-2025-38585
CVE-2025-38585 concerns Linux kernel staging/atomisp: a stack buffer overflow in gmin_get_var_int() triggered when gmin_get_config_var() calls EFI get_variable() with a larger-than-expected EFI variable. The bug stems from two issues: (1) gmin_get_config_var() returning a stale error code on EFI ...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...
SUSE-SU-2025:02853-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...
Linux Distros Unpatched Vulnerability : CVE-2023-39950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and...
Linux Distros Unpatched Vulnerability : CVE-2025-38315
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btinteldsbr i...
SMM Memory Corruption Vulnerability in the AMI Aptio's SMM Module Across Multiple Devices
Overview System Management Mode SMM memory corruption vulnerabilities have been identified in UEFI modules present in AMI Aptio UEFI firmware. An attacker could exploit this vulnerability to elevate privileges and execute arbitrary code in the highly privileged SMM environment. Users should apply...
CVE-2024-38805 iSCSI Remote Memory Corruption and Denial of Service
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
Linux Distros Unpatched Vulnerability : CVE-2021-47134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. I...
The vulnerability of the UEFI Management mode of the microprogramming software in embedded platforms for artificial intelligence NVIDIA Jetson Orin Series, NVIDIA Xavier Series, and IGX Orin allows a perpetrator to execute arbitrary code, gain unauthorized access to read and modify protected information, or cause system failures.
The vulnerability of the UEFI Management mode of microprogramming software in embedded platforms for artificial intelligence, such as NVIDIA Jetson Orin Series, NVIDIA Xavier Series, and IGX Orin, is related to the improper generation of fault reports. Exploiting this vulnerability can allow...
Linux Distros Unpatched Vulnerability : CVE-2021-46951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpmreadlogefi is called...
Linux Distros Unpatched Vulnerability : CVE-2022-50226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal t...
Linux Distros Unpatched Vulnerability : CVE-2024-46868
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set,...
UBUNTU-CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...