563 matches found
CVE-2022-46401
The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 accepts PauseEncReqPlainText before pairing is complete...
CVE-2022-46400
The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 allows attackers to bypass passkey entry in legacy pairing...
CVE-2022-46400
CVE-2022-46400 affects Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112, enabling an attacker to bypass passkey entry in legacy Bluetooth pairing. The publicly documented impact is a bypass of authentication during legacy pairing, with CVSSv3.1 metr...
CVE-2022-46399
The CVE-2022-46399 issue affects Microchip RN4870 module firmware version 1.43 and the Microchip PIC LightBlue Explorer Demo version 4.2 DT100112, described as an unresponsive state caused by ConReqTimeoutZero. The vulnerability is documented with a CVSS v3.1 base score of 7.5 (HIGH) and an adjac...
PT-2022-27852 · Microchip · Pic Lightblue Explorer Demo +1
Name of the Vulnerable Software and Affected Versions: Microchip RN4870 module firmware version 1.43 Microchip PIC LightBlue Explorer Demo version 4.2 DT100112 Description: The issue allows attackers to bypass passkey entry in legacy pairing. Recommendations: For Microchip RN4870 module firmware...
CVE-2022-46401
The CVE-2022-46401 affects Microchip RN4870 module firmware v1.43 and the Microchip PIC LightBlue Explorer Demo v4.2 DT100112, where PauseEncReqPlainText is accepted before pairing is complete. This can place the low-power Bluetooth stack in a faulty state, discarding other messages and causing s...
CVE-2022-46399
The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 is unresponsive with ConReqTimeoutZero...
PT-2022-27854 · Microchip · Microchip Pic Lightblue Explorer Demo +1
Name of the Vulnerable Software and Affected Versions: Microchip RN4870 module firmware version 1.43 Microchip PIC LightBlue Explorer Demo version 4.2 DT100112 Description: The issue concerns the acceptance of PairCon rmSend with incorrect values. This affects the Microchip RN4870 module firmware...
Microchip RN4870 安全漏洞
The Microchip RN4870 is a Bluetooth low energy module chip from Microchip, Inc. A security vulnerability exists in the Microchip RN4870 module firmware version 1.43, which stems from a denial of message issue, which could potentially create interoperability issues between different devices...
CVE-2022-46403
The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 mishandles reject messages...
Microchip RN4870 安全漏洞
The Microchip RN4870 is a Bluetooth low power module chip from Microchip, Inc. A security vulnerability exists in the Microchip RN4870 module firmware version 1.43, which originates from accepting PauseEncReqPlainText before pairing is complete, the low-power Bluetooth implementation enters a...
Heap overflow
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi...
Out-of-bounds
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network RSN information element from a Netlink packet...
GSD-2022-1007900 net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 ...
GSD-2022-1007728 net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 b...
GSD-2022-1005613 PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()
PCI: microchip: Fix refcount leak in mcpcieinitirqdomains This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
GSD-2022-1005266 PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()
PCI: microchip: Fix refcount leak in mcpcieinitirqdomains This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
GSD-2022-1004349 net: dsa: microchip: ksz_common: Fix refcount leak bug
net: dsa: microchip: kszcommon: Fix refcount leak bug This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...
USN-5515-1: Linux kernel vulnerabilities
Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Jann Horn discovered that the FUSE file system i...
USN-5416-1: Linux kernel (OEM) vulnerabilities
Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...