CVE-2019-19195

The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...

USN-7523-1 linux-raspi-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7522-1 linux-azure-nvidia vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

USN-7513-3 linux-azure, linux-azure-6.8, linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

USN-7513-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7515-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7515-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

SUSE CVE-2025-37815

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

DEBIAN-CVE-2025-37815

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

UBUNTU-CVE-2025-37815

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

CVE-2025-37815 misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

CVE-2022-49806

In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start sparxstatsinit calls createsinglethreadworkqueue and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:...

CVE-2022-49806 net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()

In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start sparxstatsinit calls createsinglethreadworkqueue and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:...

CVE-2022-49806

In the Linux kernel, the following vulnerability has been resolved: net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start sparxstatsinit calls createsinglethreadworkqueue and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:...

Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 - SQL Injection

Exploit Title: Microchip TimeProvider 4100 Grandmaster Data plot modules 2.4.6 - SQL Injection Exploit Author: Armando Huesca Prida, Marco Negro Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of Disclosure:...

📄 Microchip TimeProvider 4100 Grandmaster 2.4.6 Command Injection

Microchip TimeProvider 4100 Grandmaster version 2.4.6 suffers from a remote command injection vulnerability. Exploit Title: Microchip TimeProvider 4100 Grandmaster Config File - Remote Code Execution RCE Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antoni...

📄 Microchip TimeProvider 4100 Grandmaster 2.4.6 Cross Site Scripting

Microchip TimeProvider 4100 Grandmaster version 2.4.6 suffers from a persistent cross site scripting vulnerability. Exploit Title: Microchip TimeProvider 4100 Grandmaster banner - Stored XSS Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero,...

Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)

Exploit Title: Microchip TimeProvider 4100 Grandmaster Banner Config Modules 2.4.6 - Stored Cross-Site Scripting XSS Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of...

Microchip TimeProvider 4100 (Configuration modules) 2.4.6 - OS Command Injection

Exploit Title: Microchip TimeProvider 4100 Configuration modules 2.4.6 - OS Command Injection Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of Disclosure: 27/06/2024 Date...

Ubuntu 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-7381-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7381-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...

USN-7382-1 linux-oem-6.11 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...