CVE-2022-48942 hwmon: Handle failure to register sensor with thermal zone correctly

In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensorregister may return -ENODEV. This may result in crashes...

CVE-2022-48942 hwmon: Handle failure to register sensor with thermal zone correctly

In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensorregister may return -ENODEV. This may result in crashes...

CVE-2022-48942 hwmon: Handle failure to register sensor with thermal zone correctly

In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensorregister may return -ENODEV. This may result in crashes...

CVE-2022-48942

In CVE-2022-48942, the Linux kernel hwmon subsystem can crash if a sensor’s registration with a thermal zone fails; specifically devm_thermal_zone_of_sensor_register() may return -ENODEV, potentially leading to a NULL pointer dereference in thermal_zone_device_update paths. The described call seq...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in Linux kernel that stems from a failure to properly handle errors when a call to the devmthermalzoneofsensorregister function fails...

CVE-2024-6348

Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima 2022 allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests...

CVE-2024-6348 Predictable seed generation after ECU reset

Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima 2022 allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests...

CVE-2024-6348 Predictable seed generation after ECU reset

Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima 2022 allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests...

Nissan Altima Blind Spot Detection Sensor ECU 安全漏洞

The Nissan Altima Blind Spot Detection Sensor ECU is a blind spot detection sensor from Nissan Japan. A security vulnerability exists in the Nissan Altima Blind Spot Detection Sensor ECU that stems from predictable seed generation in the security access mechanism of the UDS, allowing an attacker ...

PT-2024-37557 · Nissan · Nissan Altima Blind Spot Protection Sensor Ecu

Name of the Vulnerable Software and Affected Versions: Nissan Altima 2022 Blind Spot Protection Sensor ECU Description: The issue concerns predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU. This predictability allows attackers to forecast...

CVE-2024-6347

The CVE-2024-6347 issue affects Nissan Altima (2022) with the Blind Spot Detection Sensor ECU firmware. It describes an unprotected UDS session enabling privileged-mode access, allowing unauthorized DoS-inducing commands and disruption of ECU operations without authentication. Several sources rei...

CVE-2024-6347 Unauthorized access to ECU functionality

Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima 2022 allows attackers to trigger denial-of-service DoS by unauthorized access to the ECU's programming session. No preconditions implemented for ECU management functionality...

Nissan Altima Blind Spot Detection Sensor ECU 安全漏洞

The Nissan Altima Blind Spot Detection Sensor ECU is a blind spot detection sensor from Nissan Japan. A security vulnerability exists in Nissan Altima Blind Spot Detection Sensor ECU version 2022, which arises from an unprotected UDS session in the blind spot detection sensor ECU firmware, allowi...

kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field

A vulnerability was found in the Linux kernel's hwmon driver for the w83792d module where a NULL pointer dereference was caused by the lm75 obsolete structure field. During specific device read operations, if certain conditions are met, the driver may attempt to access a NULL pointer because this...

thermal/drivers/tsens: Fix null pointer dereference

...

CrowdStrike Reveals Root Cause of Global System Outages

Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review PIR, has been traced bac...

Alien ALR-F800 授权问题漏洞

The Alien ALR-F800 is an RFID sensor from Alien. An authorization issue vulnerability exists in Alien ALR-F800 version 19.10.24.00 and prior versions, which stems from the cmd parameter in the /var/www/cmd.php file containing an improper authorization vulnerability...

SUSE CVE-2024-42086

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate functions There are cases in the compensate functions of the driver that there could be overflows of variables due to bit shifting ops. These implications were initially discusse...

Plug and Track Sensor Net Connect 安全漏洞

Plug and Track Sensor Net Connect is a smart sensor from the French company Plug and Track. It is used to monitor temperature, humidity, pressure, CO2 and other parameters. A security vulnerability exists in Plug and Track Sensor Net Connect version V2, which stems from a cross-site request forge...

PT-2024-23626 · Unknown · Plug&Track Sensor Net Connect V2

Name of the Vulnerable Software and Affected Versions: Plug&Track Sensor Net Connect V2 version 2.24 Description: A Cross-Site Request Forgery CSRF issue can be exploited by remote attackers to perform state-changing operations with administrative privileges. This is done by luring authenticated...