15 matches found
CVE-2023-54249
The CVE concerns the Linux kernel component bus: mhi: ep. The issue arises when handling STOP and RESET commands: the system may send a -ENOTCONN status even if the client driver is not available, which could lead to a null pointer dereference. The available connected sources confirm this is a ke...
PT-2025-54078
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: The read pointer is updated only after the buffer has been written. Within mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written. This may lead to race conditions, where the host see...
EUVD-2023-60010
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpubuffer during resize process When ringbufferswapcpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a premature update of the read pointer by the mhi ep bus module, which could lead to data corruption...
Vulnerability of the mhipciremove() function in the drivers/bus/mhi/pcigeneric.c module – A driver for the MHI bus in the Linux kernel, which allows a hacker to cause a service failure.
Vulnerability of the mhipciremove function in the drivers/bus/mhi/pcigeneric.c module – The MHI driver in the Linux kernel is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a system failure...
AZL-59916 CVE-2025-21951 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...
CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...
CVE-2025-21951
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...
Vulnerability of the mhi_queue() function in the drivers/bus/mhi/core/main.c module – The MHI bus driver in the Linux kernel allows a hacker to cause a service failure.
Vulnerability of the mhiqueue function in the drivers/bus/mhi/core/main.c module – The MHI driver in the Linux kernel is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2021-47286
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In order to prevent any out of bound...
CVE-2021-47286
CVE-2021-47286 affects the Linux kernel MHI bus core. The issue arises when processing command completions: the channel ID read from the device event ring can be any value 0–255, risking out-of-bounds accesses. The fix adds a bounds check against the controller’s maximum channels and against chan...
CVE-2021-47286
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In order to prevent any out of bound...
CVE-2021-46970
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove WQMEMRECLAIM flag from state workqueue A recent change created a dedicated workqueue for the state-change work with WQHIGHPRI no strong reason for that and WQMEMRECLAIM flags, but the state-change wor...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Fix invalid error returning in mhiqueue mhiqueue returns an error when the doorbell is not accessible in the current state. This can happen when the device is in non M0 state, like M3, and needs to be waken-up pri...