PT-2024-39019 · Planet Technology · Planet Technology Switch

Name of the Vulnerable Software and Affected Versions: PLANET Technology switches affected versions not specified Description: The issue concerns a hard-coded credential in the password recovering functionality of certain switch models from PLANET Technology. This allows an unauthenticated attack...

The vulnerability of the qcom-geni-serial component in the Linux operating system allows for interference with the confidentiality and accessibility of protected information.

The vulnerability of the qcom-geni-serial component in the Linux operating system is related to it exceeding the buffer limits of the RX FIFO. Exploiting this vulnerability could allow an attacker to influence the confidentiality and accessibility of the protected information...

PLANET switch devices 信任管理问题漏洞

PLANET switch devices are a family of switch devices from PLANET Corporation in China. A trust management issue vulnerability exists in PLANET switch devices that stems from hard-coded credentials in the password recovery feature, allowing an unauthenticated attacker to connect to the device via...

CVE-2024-47290

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability...

OESA-2024-2189 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound t...

PT-2024-32502 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue is related to an input validation vulnerability in the USB service module. Successful exploitation of this vulnerability may affect availability. Recommendations: At the moment,...

Ubuntu: Security Advisory (USN-7003-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-4 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...

CGA-XW84-FH6P-W3WF

Bulletin has no description...

CGA-M78G-5RXQ-8J78

Bulletin has no description...

CGA-2QJ9-QCVP-J2XV

Bulletin has no description...

CGA-VQ6R-7W7C-77RC

Bulletin has no description...

The vulnerability of the hypervisor in FreeBSD operating systems allows a hacker to execute arbitrary code.

The vulnerability of the hypervisor in FreeBSD operating systems relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on a host using a virtual USB device connected to the XHCI interface...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7009-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7009-2 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...

kernel: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect

A flaw was found in the Linux kernel. This issue can cause a potential crash on the receiver USB disconnect...

kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages

A vulnerability was found in the Linux kernel's CDC WDM driver, where excessive logging in the interrupt-URB completion callback could lead to CPU lockups, which occurs when the driver rapidly resubmits interrupt URBs after receiving a -EPROTO status, causing a backlog of error messages that...

kernel: serial: core: fix transmit-buffer reset and memleak

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 "tty: serialcore: convert uartclose to use ttyportclose" converted serial core to use ttyportclose but failed to notice that the transmit buffer still needs ...

kernel: USB: core: Make do_proc_control() and do_proc_bulk() killable

In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...

kernel: usb: atm: cxacru: fix endpoint checking in cxacru_bind()

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...

kernel: usb-storage: alauda: Check whether the media is initialized

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. - Add a membe...