50 matches found
CVE-2023-52494 bus: mhi: host: Add alignment check for event ring read pointer
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer. Though we do check the event ring read pointer by "is_valid_ring_ptr" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned...
CVE-2023-43513 Use of Out-of-range Pointer Offset in PCIe
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element...
CVE-2023-43513
CVE-2023-43513: Memory corruption in Qualcomm components due to an untrusted context read pointer during event-ring processing, which may be advanced with arbitrary values and point to the middle of a ring element. According to the provided data, the CVSS v3.1 base metrics are HIGH for Confidenti...
PT-2023-9555 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the Linux kernel's mhi component, where an unaligned read pointer in the event ring could lead to multiple issues like Denial of Service (DoS) or ring buffer memo...
PT-2022-27331 · Binbloom · Binbloom
Name of the Vulnerable Software and Affected Versions: Binbloom version 2.0. Description: A heap buffer overflow was discovered in Binbloom via the read_pointer function at /binbloom-master/src/helpers.c. This issue may be exploited, but details about the estimated number of potentially affected...
Binbloom Buffer Error Vulnerability
Binbloom is an open source tool from Quarkslab. It is used to analyze raw binary firmware and automatically determine some of its characteristics. A security vulnerability exists in Binbloom version 2.0, which originates from a heap buffer overflow contained in the read_pointer function via...
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack Exploit
// Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 85724947 = 00000000051c0f13 const XulsAutomationPrefIsSet = 0x051c0f13...
CVE-2018-14745
CVE-2018-14745 affects the bcmdhd4358 Wi‑Fi driver in the Samsung Galaxy S6 (SM-G920F). The flaw is a buffer overflow in prot_get_ring_space caused by improper validation of the ring buffer read pointer, enabling an attacker who already has code execution on the Wi‑Fi chip to overwrite kernel mem...