6203 matches found

OSV
added 2024/05/01 5:28 a.m. · 16 views

CVE-2024-26998 serial: core: Clearing the circular buffer before NULLifying it

In the Linux kernel, the following vulnerability has been resolved: serial: core: Clearing the circular buffer before NULLifying it. The circular buffer is NULLified in uart_tty_port_shutdown() under the spin lock. However, the PM or other timer based callbacks may still trigger after this event withou...

CVSS 5.5 · AI score 6.1 · EPSS 0.00228
Exploits: 0 · References: 9

Debian CVE
added 2024/05/01 5:20 a.m. · 16 views

CVE-2024-26978

In the Linux kernel, the following vulnerability has been resolved: serial: max310x: fix NULL pointer dereference in I2C instantiation. When trying to instantiate a max14830 device from userspace: echo max14830 0x60 > /sys/bus/i2c/devices/i2c-2/new_device we get the following error: Unable to handle...

CVSS 5.5 · AI score 7.5 · EPSS 0.00225
Exploits: 0

CNNVD
added 2024/05/01 12:0 a.m. · 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security flaw in the uart_handle_cts_change function in serial_core...

CVSS 7.8 · AI score 6.5 · EPSS 0.00327
Exploits: 0 · References: 10

RedHat Linux
added 2024/04/30 9:57 a.m. · 1 views

kernel: HID: sony: Fix a potential memory leak in sony_probe()

In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential memory leak in sony_probe(). If an error occurs after a successful usb_alloc_urb() call, usb_free_urb() should be called...

CVSS 6 · AI score 6.4 · EPSS 0.0023
Exploits: 0 · References: 5

RedHat Linux
added 2024/04/30 9:57 a.m. · 3 views

kernel: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure. syzbot is reporting NULL pointer dereference at hci_uart_tty_close() [1], for rcu_sync_enter() is called without rcu_sync_init() due to hci_uart_tty_open() ignoring percpu_init_rwsem() failure...

CVSS 5.5 · AI score 6.8 · EPSS 0.00191
Exploits: 0 · References: 5

RedHat Linux
added 2024/04/30 9:57 a.m. · 1 views

kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media()

An uninitialized value vulnerability was found in the alauda USB storage driver in the Linux kernel. In alauda_check_media(), the function does not verify that USB transfer operations succeeded before using the received data. If a transfer fails, uninitialized memory may be accessed, leading to...

AI score 7.1 · EPSS 0.00201
Exploits: 0 · References: 5

RedHat Linux
added 2024/04/30 9:57 a.m. · 1 views

kernel: usb: out-of-bounds read in read_descriptors

An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition...

CVSS 4.6 · AI score 6.8 · EPSS 0.00551
Exploits: 1 · References: 4

OSV
added 2024/04/26 11:7 a.m. · 4 views

OESA-2024-1505 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...

CVSS 8.2 · AI score 8.1 · EPSS 0.00552
Exploits: 1 · References: 4

OSV
added 2024/04/26 11:7 a.m. · 5 views

OESA-2024-1494 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...

CVSS 8.2 · AI score 8.1 · EPSS 0.00552
Exploits: 1 · References: 4

CNNVD
added 2024/04/26 12:0 a.m. · 4 views

ASUS RT-N12 security vulnerability

The ASUS RT-N12+ B1 is a wireless router. An elevation of privilege vulnerability exists in the ASUS RT-N12+ B1, which can be exploited by an attacker to bypass security restrictions caused by incorrect access control and gain root terminal access via the UART interface by sending a specially...

CVSS 6.8 · AI score 7.2 · EPSS 0.0028
Exploits: 0 · References: 3

Positive Technologies
added 2024/04/25 12:0 a.m. · 5 views

PT-2024-28088

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A race condition vulnerability has been resolved in the Linux kernel, specifically in the usb: gadget: u_audio component. The issue occurred due to the use of controls after free during...

CVSS 7.5 · AI score 5.5 · EPSS 0.00174
Exploits: 0

OSV
added 2024/04/23 5:38 p.m. · 16 views

CVE-2024-32482 Tillitis TKey Signer possible RAM disclosure vulnerability

The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the...

CVSS 2.2 · AI score 6.7 · EPSS 0.00115
Exploits: 0 · References: 4

CNNVD
added 2024/04/23 12:0 a.m. · 4 views

Tillitis TKey Signer security vulnerability

Tillitis TKey Signer is an open source ed25519 signature tool from Tillitis AB. A security vulnerability exists in Tillitis TKey Signer, which originates from the ability to disclose part of the TKey data in RAM via the USB interface...

CVSS 2.2 · AI score 6.7 · EPSS 0.00115
Exploits: 0 · References: 3

Positive Technologies
added 2024/04/23 12:0 a.m. · 3 views

PT-2024-24214 · Terratec · Terratec Dmx 6Fire Usb

Name of the Vulnerable Software and Affected Versions: Terratec DMX 6Fire USB version 1.23.0.02 Description: An unquoted service path vulnerability allows a local attacker to escalate privileges via the Program.exe component. Recommendations: For Terratec DMX 6Fire USB version 1.23.0.02, consider...

CVSS 6.7 · AI score 7.2 · EPSS 0.00677
Exploits: 3 · References: 9

BDU FSTEC
added 2024/04/23 12:0 a.m. · 5 views

A vulnerability in the USB Print Driver for Windows operating systems allows attackers to escalate their privileges.

The vulnerability in the USB Print Driver for Windows operating systems is caused by operations performed beyond the boundaries of a memory buffer. Exploiting this vulnerability can allow an attacker to gain elevated privileges...

CVSS 7 · AI score 8.1 · EPSS 0.00387
Exploits: 0 · References: 4

NVD
added 2024/04/22 3:15 p.m. · 12 views

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

CVSS 3.4 · AI score 6.4 · EPSS 0.00165
Exploits: 0 · References: 1

NVD
added 2024/04/22 3:15 p.m. · 12 views

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...

CVSS 8.4 · AI score 7.2 · EPSS 0.01092
Exploits: 0 · References: 1

Positive Technologies
added 2024/04/22 12:0 a.m. · 4 views

PT-2024-12702 · Unknown · Com.Factory.Mmigroup

Name of the Vulnerable Software and Affected Versions: com.factory.mmigroup version 2.1 Description: An issue was discovered in the com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable...

CVSS 8.4 · AI score 6.7 · EPSS 0.01092
Exploits: 0 · References: 4

CVE
added 2024/04/22 12:0 a.m. · 51 views

CVE-2023-38301

CVE-2023-38301 describes a third-party component issue in vendor.gsm.serial that lets any local app read the device serial number via the vendor.gsm.serial system property without permissions. Affected devices span multiple manufacturers: BLU View 2; Boost Mobile Celero 5G; Sharp Rouvo V; Motorol...

CVSS 3.4 · AI score 6.7 · EPSS 0.00165
Exploits: 0 · References: 1

CVE
added 2024/04/22 12:0 a.m. · 90 views

CVE-2023-38297

CVE-2023-38297 affects the pre-installed com.factory.mmigroup app (version 2.1) on multiple Android devices. The component runs as the system user and exposes zero-permission capabilities to local apps, including arbitrary AT command execution, programmatic factory reset, IMEI/serial leakage, pow...

CVSS 8.4 · AI score 7.4 · EPSS 0.01092
Exploits: 0 · References: 1