715 matches found
PT-2024-15180 · Unknown · Sciener Locks
Name of the Vulnerable Software and Affected Versions: Sciener locks affected versions not specified Description: The firmware update mechanism of the locks does not authenticate or validate firmware updates when they are passed through the Bluetooth Low Energy service. An attacker can send a...
PT-2024-15176 · Unknown · Sciener-Based Locks
Name of the Vulnerable Software and Affected Versions: Sciener-based locks affected versions not specified Description: The issue allows unencrypted malicious commands to be passed to the lock over Bluetooth Low Energy, as some Sciener-based locks support plaintext message processing. These...
Sciener-based locks Security Vulnerabilities
Sciener is a smart lock firmware from Sciener. A security vulnerability exists in Sciener-based locks that stems from support for plaintext message processing, allowing an attacker to pass unencrypted malicious commands to the lock...
Sciener locks firmware security vulnerability
Sciener is a smart lock firmware from Sciener. A security vulnerability exists in the Sciener locks firmware, which stems from the fact that the firmware update mechanism does not validate the firmware update request if the firmware update is passed to the lock via the Bluetooth Low Energy servic...
UBUNTU-CVE-2024-26629
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...
CVE-2024-26629
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
SUSE CVE-2024-26614
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. 'Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
RHEL 9 : kernel-rt (RHSA-2024:1303)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1303 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks...
PT-2024-15171 · Kontrol +2 · Kontrol +3
Name of the Vulnerable Software and Affected Versions: Sciener firmware affected versions not specified Description: The issue concerns the use of a non-unique AES key in the pairing process between locks using Sciener firmware and wireless keypads. This key can be reused, potentially compromisin...
PT-2024-15174 · Kontrol +2 · Kontrol +3
Name of the Vulnerable Software and Affected Versions: Sciener firmware affected versions not specified Description: The issue concerns the unlockKey character in locks using Sciener firmware, which can be compromised through brute force attacks by sending repeated challenge requests. This affect...
Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks
Overview Sciener is a company that develops software and hardware for electronic locks that are marketed under many different brands. Their hardware works in tandem with an app, called the TTLock app, which is also produced by Sciener. The TTLock app utilizes Bluetooth connections to connect to...
SUSE CVE-2021-46997
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GICPRIOPSRISET during entry Zenghui reports that booting a kernel with "irqchip.gicv3pseudonmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the...
UBUNTU-CVE-2021-47055
In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...
CVE-2023-52493 bus: mhi: host: Drop chan lock before queuing buffers
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parsexferevent such that a callback given to client can potentially queu...
CVE-2023-52493 bus: mhi: host: Drop chan lock before queuing buffers
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parsexferevent such that a callback given to client can potentially queu...