6204 matches found
The vulnerability of the serial/pmac_zilog components of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the serial/pmaczilog components of the Linux operating system’s kernel is related to improper locking of resources in the pmzreceivechars function. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-43638
Windows USB Video Class System Driver Elevation of Privilege Vulnerability...
CVE-2024-43634
Windows USB Video Class System Driver Elevation of Privilege Vulnerability...
USN-7100-2: Linux kernel vulnerabilities
Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a deni...
kernel: serial: 8250: Reinit port->pm on port specific driver unbind
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port-pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the generic serial8250 driver takes over the port. After that we see an oops about 10 seconds later. This can...
kernel: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error
A memory leak vulnerability was found in the Samsung serial TTY driver in the Linux kernel. In s3c24xxserialgetclk, when clkgetrate fails, the previously allocated clock resource is not freed, leading to a memory leak. Repeated failures can cause resource exhaustion...
kernel: spi: Fix null dereference on suspend
In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous noqueue transfer can be active during a system suspend. This can cause a null pointer dereference exception to occur when the system resumes. Exampl...
kernel: drivers: serial: jsm: fix some leaks in probe
In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly...
kernel: md: fix kmemleak of rdev->serial
A memory leak flaw was found in rdev-serial in the Linux kernel. This issue may lead to a crash...
kernel: serial: 8250_bcm7271: fix leak in `brcmuart_probe`
A resource leak flaw was found in the Broadcom BCM7271 serial driver. In the brcmuartprobe function, the baudmuxclk clock is prepared and enabled but not released in error paths, causing a clock resource leak when driver probe fails...
kernel: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk
In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsungtty: Fix a memory leak in s3c24xxserialgetclk when iterating clk When the best clk is searched, we iterate over all possible clk. If we find a better match, the previous one, if any, needs to be freed. If a...
kernel: serial: sprd: Fix DMA buffer leak issue
A flaw was found in the serial: sprd driver in the Linux kernel where a DMA buffer allocated during driver probe was not released when probe returned failure. This results in a memory leak that, under repeated probe failure conditions, could cause elevated kernel memory usage and potential resour...
kernel: serial: imx: Introduce timeout when waiting on transmitter empty
A vulnerability was found in the Linux kernel's imx serial driver, where the system could experience DoS while waiting for the transmitter to become empty, without a timeout mechanism, the code risks entering a deadlock situation if the USR2TXDC signal is not set...
kernel: USB: core: Fix access violation during port device removal
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
kernel: serial: amba-pl011: avoid SBSA UART accessing DMACR register
A flaw was found in the Linux kernel’s AMBA-PL011 serial driver used on ARM Server Base System Architecture platforms. The existing stoprx operation shared between generic SBSA UARTs and AMBA-PL011 UARTs invoked pl011dmarxstop, which attempts to access the DMA Control Register DMACR. SBSA generic...
kernel: USB: core: Fix deadlock in usb_deauthorize_interface()
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usbdeauthorizeinterface The Linux kernel CVE team has assigned CVE-2024-26934 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26934-e2fc@gregkh/T...
PT-2024-25420 · Ami · Aptiov
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An exploit is possible where an actor with physical access can manipulate SPI flash without being detected. There is no information provided about the...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to elevate privileges. The following products and...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to elevate privileges. The following products and edition...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to elevate privileges. The following products and...