Lucene search
K

117 matches found

OSV
OSV
added 2022/09/17 1:6 a.m.8 views

GSD-2022-1006208 mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start

mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/17 12:55 a.m.11 views

GSD-2022-1006098 mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start

mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/17 12:42 a.m.7 views

GSD-2022-1005954 mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start

mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/17 12:25 a.m.9 views

GSD-2022-1005767 mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start

mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.138 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/17 12:0 a.m.14 views

GSD-2022-1005470 mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start

mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/16 11:29 p.m.20 views

GSD-2022-1005079 mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start

mips: cavium-octeon: Fix missing ofnodeput in octeon2usbclocksstart This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...

7.2AI score
Exploits0
Oracle linux
Oracle linux
added 2021/02/05 12:0 a.m.318 views

glibc security and bug fix update

2.17-322.0.2 - merge RH el7 u9 errata patches with Oracle patches Review-exception: Simple merge - merge RH el7 u9 patches with Oracle patches Review-exception: Simple merge - Four patches to match 3rd patch bundle from Marvell - modify MIPS values in elf/elf.h - add sysdeps/aarch64/sys/ifunc.h -...

7.5CVSS7.8AI score0.03538EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.5 views

The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS) makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

...

7.5CVSS7AI score0.02425EPSS
Exploits0
Talos
Talos
added 2019/03/19 12:0 a.m.183 views

Das U-Boot verified boot bypass

Summary An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot’s verified boot and execute an unsigned kernel, embedded in...

8.2CVSS7.1AI score0.00276EPSS
Exploits1
Talos
Talos
added 2019/03/19 12:0 a.m.93 views

CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability

Summary An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated...

9.8CVSS9.2AI score0.01857EPSS
Exploits1
Talos
Talos
added 2019/03/19 12:0 a.m.952 views

CUJO Smart Firewall mdnscap mDNS character-strings code execution vulnerability

Summary An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The string lengths are handled incorrectly when parsing character strings in mDNS resource records, leading to arbitrary code execution in the context of the mdnscap...

9.8CVSS9.3AI score0.01829EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2018/05/17 12:0 a.m.5 views

The vulnerability in the implementation of the TLS protocol for Cavium Nitrox SSL, Nitrox V SSL, Octeon SSL, and TurboSSL development tools allows a hacker to disclose sensitive information that should be protected.

The vulnerability of the TLS Transport Layer Security implementation in Cavium Nitrox SSL, Nitrox V SSL, Octeon SSL, and TurboSSL development kits is related to errors in the TLS standard’s implementation. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

7.1CVSS7.2AI score0.1501EPSS
Exploits0References7Affected Software7
NVD
NVD
added 2016/07/26 5:59 p.m.36 views

CVE-2015-5738

The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

7.5CVSS7.3AI score0.02425EPSS
Exploits0References3
Prion
Prion
added 2016/07/26 5:59 p.m.28 views

Design/Logic Flaw

The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

5CVSS6.8AI score0.02425EPSS
Exploits0References3Affected Software2
UbuntuCve
UbuntuCve
added 2016/07/26 5:59 p.m.35 views

CVE-2015-5738

The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

7.5CVSS6.5AI score0.02425EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/07/26 5:0 p.m.35 views

CVE-2015-5738

The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

7.2AI score0.02425EPSS
Exploits0References3
CVE
CVE
added 2016/07/26 5:0 p.m.90 views

CVE-2015-5738

The CVE-2015-5738 issue concerns the Cavium SDK 2.x RSA-CRT implementation used on OCTEON II CN6xxx hardware under Linux to support TLS with PFS. A Lenstra fault-side channel attack could allow remote attackers to obtain private RSA keys. Connected advisories indicate mitigations exist in vendor/...

7.5CVSS7.1AI score0.02425EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder