75 matches found
CVE-2025-40330
In the Linux kernel, the following vulnerability has been resolved: bnxten: Shutdown FW DMA in bnxtshutdown The netifclose call in bnxtshutdown only stops packet DMA. There may be FW DMA for trace logging recently added that will continue. If we kexec to a new kernel, the DMA will corrupt memory ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the bnxtshutdown function not disabling FW DMA, which could lead to memory corruption...
CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet
Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...
CVE-2025-34503
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...
EUVD-2018-15441
Malware in sbrugna...
CVE-2025-0038
The CVE-2025-0038 entry corresponds to AMD Zynq UltraScale+ devices where the PMU Firmware’s CSU runtime services do not validate memory addresses. Connected sources (AMD-SB-8008 and related records) confirm that memory pointers issued to CSU runtime commands can bypass access controls, allowing ...
EUVD-2025-13065
Malicious code in bioql PyPI...
EUVD-2025-13057
Malicious code in bioql PyPI...
EUVD-2025-21138
Malicious code in bioql PyPI...
SUSE CVE-2023-53532
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix deinitialization of firmware resources Currently, in ath11kahbfwresourcesinit, iommu domain mapping is done only for the chipsets having fixed firmware memory. Also, for such chipsets, mapping is done only if it...
PT-2025-36385
Name of the Vulnerable Software and Affected Versions: AND power Management Firmware affected versions not specified Description: Improper validation of an array index within the firmware could allow a privileged attacker to corrupt AGESA memory, potentially leading to a loss of system integrity...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2025-36581
Dell PowerEdge Platform versions 14G AMD BIOS v1.25.0 and prior, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...
Linux Distros Unpatched Vulnerability : CVE-2025-37744
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath12k: fix memory leak in ath12kpciremove Kmemleak reported this error: unreferenced object 0xffff1c165cec3060 size 32: comm insmod, pid 560, jiffies...
Linux Distros Unpatched Vulnerability : CVE-2021-47228
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. In order for this memory to not ...
Linux Distros Unpatched Vulnerability : CVE-2025-37764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/imagination: fix firmware memory leaks Free the memory used to hold the results of...
Linux Distros Unpatched Vulnerability : CVE-2025-38438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was...
Linux Distros Unpatched Vulnerability : CVE-2024-35994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while...
CVE-2025-7028
A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...
CVE-2025-7028 SMM Arbitrary Memory Access via Flash Handler with Unchecked FuncBlock Pointer
A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...