CVE-2024-38633

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered on driver removal The removal of the last MAX3100 device triggers the removal of the driver. However, code doesn't update the respective global variable and after insmod — rmmod — insm...

UBUNTU-CVE-2024-38633

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered on driver removal The removal of the last MAX3100 device triggers the removal of the driver. However, code doesn't update the respective global variable and after insmod — rmmod — insm...

CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

CVE-2024-38634 serial: max3100: Lock port->lock when calling uart_handle_cts_change()

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

CVE-2024-38634

CVE-2024-38634 affects Linux kernel serial/max3100: a race occurs when uart_handle_cts_change() runs from a workqueue without holding port->lock, risking a kernel warning and potential crash. The fix enforces taking port lock before calling uart_handle_cts_change(), preventing the splat observ...

CVE-2024-38634 serial: max3100: Lock port->lock when calling uart_handle_cts_change()

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the serial:max3100 module not updating uartdriverregistered on driver removal...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tpmtisspi module not considering SPI headers when allocating TPMSPIxfer buffers...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a race condition issue in the usb:gadget:uaudio module...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the serial:max3100 module locking port-lock when calling uarthandlectschange...

PT-2024-20211 · Sony · Sony Xav-Ax5500

Name of the Vulnerable Software and Affected Versions: Sony XAV-AX5500 affected versions not specified Description: This issue allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this issue...

CVE-2023-25646

There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations...

CVE-2023-25646

There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations...

CVE-2023-25646 Permission and Access Control Vulnerability in ZTE H388X

There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from a reference count leak in the spi:uniphier module uniphierspiprobe...

DEBIAN-CVE-2024-38567

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports 1 hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a specific 4th endpoint,...

AMD Ryzen Security Breach

AMD Ryzen is a central processing unit CPU from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Ryzen that stems from a potential issue in the SPI protection feature that could allow an attacker with kernel-mode access to bypass the native system management mode ROM protecti...

The vulnerability of the disable_{show,store}() functions in the Linux kernel USB driver allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the disableshow,store functions in the drivers/usb/core/port.c file of the Linux kernel’s USB driver is related to an infinite waiting loop for resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the interface_authorized_store() function in the Linux kernel USB driver allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the interfaceauthorizedstore function in the drivers/usb/core/sysfs.c file of the Linux USB driver kernel is related to an infinite wait loop for resources. Exploiting this vulnerability could allow a attacker to compromise the confidentiality, integrity, and accessibility of...

PT-2024-27978 · Gnome +2 · Gnome Settings Daemon +2

Name of the Vulnerable Software and Affected Versions: GNOME Settings Daemon versions through 46.0 Description: Mismatches in interpreting USB authorization policy between GNOME Settings Daemon and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access...