kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as EX20v, AX1800, Archer C5v AC1200, TD-W9970, and TD-W9970v3 exists due to the lack of measures to neutralize the special elements used in the operating system. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as EX20v, AX1800, Archer C5v AC1200, TD-W9970, and TD-W9970v3 exists due to the lack of measures taken to neutralize the special elements used in the operating system. Exploiting this vulnerability can allow a hacker ...

The vulnerability of the IPSec VPN microprogramming software for network devices such as ZyXEL USG FLEX, USG FLEX 50(W)/USG20(W)-VPN, and ATP allows a hacker to execute arbitrary code.

The vulnerability of the IPSec VPN microprogramming software for ZyXEL USG FLEX, USG FLEX 50W/USG20W-VPN, and ATP is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a sequence of specially crafted...

The vulnerability of HP LaserJet Pro printer’s microprogramming software, related to writing beyond the buffer limit, allows a hacker to execute arbitrary code.

The vulnerability of HP LaserJet Pro printer microprogramming software is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

USN-6485-1 intel-microcode vulnerability

Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some IntelR Processors did not properly...

USN-6319-1 amd64-microcode vulnerability

Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel...

USN-6244-1 amd64-microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

USN-6244-1: AMD Microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

Cross-Process Information Leak

Bulletin ID: AMD-SB-7008 Potential Impact: Information disclosure Severity: Medium Summary Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which...

The vulnerability of TP-Link Archer AX21 (AX1800)’s microprogramming software, related to synchronization errors when using a shared resource (“Race Situation”), allows a hacker to execute arbitrary code.

The vulnerability of TP-Link Archer AX21 AX1800’s microprogramming software is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the microprogrammed software of D-Link DAP-2020 and DAP-1360 allows a intruder to execute arbitrary code.

The vulnerability of the microprogrammed software of D-Link’s DAP-2020 and DAP-1360 wireless access points is related to buffer overflows during parameter processing. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the microprogrammed software of Moxa routers series TN-5916, TN-4900, EDR-G903, EDR-G902, and EDR-810 is related to errors in processing input data, which can allow a perpetrator to cause service failures.

The vulnerability of the microprogrammed routing software from Moxa, models TN-5916, TN-4900, EDR-G903, EDR-G902, and EDR-810, is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause service failures by sending specially crafted HTTP/HTTPS...

The vulnerability of BIOS microprogramming systems in Dell laptops, related to insufficient verification of data authenticity, allows attackers to gain unauthorized access to protected information.

The vulnerability of BIOS microprogramming systems in Dell laptops is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

Information Disclosure

intel-microcode is vulnerable to information disclosure. The vulnerability exists due to the improper initialization of shared resources in some IntelR Processors, allowing an attacker to gain sensitive information via local access...

The vulnerability of the Wi-Fi driver microprogramming software for MediaTek’s MC7603E, MC7610, MC7612, MC7613, MC7615, MC7620, MC7622, MC7628, MC7629, and MC7915 allows attackers to enhance their privileges.

The vulnerability of Wi-Fi driver microprogramming software microchips from MediaTek, such as MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, and MT7915, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacke...

Information Disclosure

intel-microcode is vulnerable to information disclosure. The vulnerability exists due to the system enabling users via local access...

Information Disclosure

microcode is vulnerable to information disclosure. An observable timing discrepancy in some IntelR Processors allows an authenticated user to obtain confidential information local access...

The vulnerability of NETGEAR Orbi Wi-Fi systems’ microprogramming software, related to insufficient cleaning of input data, allows intruders to execute arbitrary commands.

The vulnerability of NETGEAR Orbi Wi-Fi systems’ microprogramming software is related to insufficient cleaning of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

The vulnerability of Intel SGX DCAP microprogramming software, which arises due to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of Intel SGX DCAP microprogramming software exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of Intel microprogramming software, related to deficiencies in access control, allows attackers to enhance their privileges.

The vulnerability of Intel microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...