CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

CVE-2025-47331

Information disclosure while processing a firmware event...

CVE-2025-47331

Information disclosure while processing a firmware event...

CVE-2025-47331

Technical details are not publicly available in the provided documents for CVE-2025-47331; monitor for updates.

CVE-2025-47331 Buffer Over-read in Video

Information disclosure while processing a firmware event...

PT-2026-1526

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An information disclosure issue exists when processing a firmware event. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2022-50880

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...

UBUNTU-CVE-2025-68748

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...

EUVD-2019-18877

Malware in sbrugna...

EUVD-2019-2405

Malware in sbrugna...

EUVD-2018-17595

Malware in sbrugna...

EUVD-2019-2284

Malware in sbrugna...

DEBIAN-CVE-2023-53237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv110hwfini The gmc.eccirq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpuirqput...

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware...

CVE-2019-10536

Potential double free scenario if driver receives another DIAGEVENTLOGSUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

CVE-2019-10601

Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure a...

SUSE CVE-2024-47721

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: remove unused C2H event ID RTW89MACC2HFUNCREADWOWCAM to prevent out-of-bounds reading The handler of firmware C2H event RTW89MACC2HFUNCREADWOWCAM isn't implemented, but driver expects number of handlers is...

UBUNTU-CVE-2024-47721

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: remove unused C2H event ID RTW89MACC2HFUNCREADWOWCAM to prevent out-of-bounds reading The handler of firmware C2H event RTW89MACC2HFUNCREADWOWCAM isn't implemented, but driver expects number of handlers is...

kernel: brcmfmac frame validation bypass

If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be...

CVE-2019-9503

If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be...