210 matches found
CVE-2023-52916 media: aspeed: Fix memory overwrite if timing is 1600x900
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
CVE-2023-52916 media: aspeed: Fix memory overwrite if timing is 1600x900
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce this issue: 1. Use 1600x900 to display on host 2. Mount ISO through...
IBM OpenBMC Elevation of Privilege Vulnerability
IBM OpenBMC is a Linux distribution from International Business Machines IBM used to manage controllers for devices such as servers, top-of-rack switches, or RAID devices. An elevation of privilege vulnerability exists in IBM OpenBMC, which can be exploited by an attacker to gain administrative...
CVE-2023-49144
Out of bounds read in OpenBMC Firmware for some IntelR Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-35123
Uncaught exception in OpenBMC Firmware for some IntelR Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2023-49144
CVE-2023-49144 is an Out-of-bounds read in OpenBMC Firmware affecting certain Intel Server Platforms. The issue exists in OpenBMC Firmware prior to egs-1.15-0 and prior to bhs-0.27, potentially allowing a privileged user with local access to disclose information. Public sources (Intel advisory an...
CVE-2023-49144
Out of bounds read in OpenBMC Firmware for some IntelR Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-35123
Uncaught exception in OpenBMC Firmware for some IntelR Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2023-35123
Uncaught exception in OpenBMC Firmware for some IntelR Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access...
CVE-2023-49144
Out of bounds read in OpenBMC Firmware for some IntelR Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2023-35123
OpenBMC firmware vulnerability CVE-2023-35123 affects Intel® Server Platform OpenBMC Firmware prior to egs-1.14-0 and bhs-0.27. The issue is an uncaught exception in OpenBMC firmware that may allow an authenticated user to cause a denial of service via network access. Impact is reported as availa...
PT-2024-12501 · Unknown · Openbmc Firmware
Name of the Vulnerable Software and Affected Versions: OpenBMC Firmware versions prior to egs-1.14-0 OpenBMC Firmware versions prior to bhs-0.27 Description: The issue is related to an uncaught exception in OpenBMC Firmware for some IntelR Server Platforms, which may allow an authenticated user t...
PT-2024-13684 · Unknown · Openbmc Firmware
Name of the Vulnerable Software and Affected Versions: OpenBMC Firmware versions prior to egs-1.15-0 OpenBMC Firmware versions prior to bhs-0.27 Description: The issue is an out of bounds read that may allow a privileged user to potentially enable information disclosure via local access...
CVE-2024-35124
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674...
CVE-2024-35124
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674...
CVE-2024-35124 IBM OpenBMC authentication bypass
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674...
CVE-2024-35124 IBM OpenBMC authentication bypass
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674...
CVE-2024-35124
CVE-2024-35124 affects OpenBMC firmware FW1020.00–FW1020.60, FW1030.00–FW1030.50, and FW1050.00–FW1050.10. The root cause is default password/session management during initial installation, enabling a network attacker to gain administrative access to the BMC. Affected products/versions are explic...
OpenBMC Firmware Advisory
Summary: Potential security vulnerabilities in OpenBMC Firmware for some Intel® Server Platforms may allow information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-35123 Description: Uncaug...
PT-2024-26327 · Openbmc · Openbmc
Name of the Vulnerable Software and Affected Versions: OpenBMC versions FW1020.00 through FW1020.60 OpenBMC versions FW1030.00 through FW1030.50 OpenBMC versions FW1050.00 through FW1050.10 Description: A vulnerability in the combination of OpenBMC's default password and session management allows...