CVE-2023-52457

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pmruntimeresumeandget failed Returning an error code from .remove makes the driver core emit the little helpful error message: remove callback returned a non-zero value. This wil...

CVE-2023-52456

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TXEN pin. When the TTY port is closed in the middle of a...

kernel: HID: check empty report_list in hid_validate_values()

A memory corruption flaw was found in the Linux kernel’s human interface device HID subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: HID: check empty report_list in hid_validate_values()

A memory corruption flaw was found in the Linux kernel’s human interface device HID subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system...

The vulnerability of the USB Generic Parent driver in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the USB Generic Driver in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2024-22727

Teltonika TRB1-series devices with firmware before TRB1R00.07.05.2 allow attackers to exploit a firmware vulnerability via Ethernet LAN or USB...

Teltonika Networks TRB1 Series Security Vulnerability

Teltonika Networks TRB1 Series is a series of IoT gateways from Teltonika Networks. A security vulnerability exists in Teltonika Networks TRB1 Series versions prior to TRB1R00.07.05.2. An attacker could exploit this vulnerability to perform malicious attacks over an Ethernet LAN or USB...

Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.

...

PT-2024-19546

Name of the Vulnerable Software and Affected Versions Teltonika TRB1-series devices versions prior to TRB1 R 00.07.05.2 Description The issue allows attackers to exploit a firmware vulnerability via Ethernet LAN or USB. Recommendations For versions prior to TRB1 R 00.07.05.2, update the firmware ...

USN-6635-1 linux-gcp-6.2 vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lucas...

CVE-2024-21339

Windows USB Generic Parent Driver Remote Code Execution Vulnerability...

AMD EPYC Security Vulnerability

AMD EPYC is an x86 server microprocessor product line from AMD Semiconductor, known as "Xiao Long" in Chinese, utilizing the Zen microarchitecture. A security vulnerability exists in AMD EPYC™ Processors. The vulnerability can be exploited to write to the SPI flash memory to execute arbitrary cod...

Microsoft Windows USB Serial Driver Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in the Microsoft Windows USB Serial Driver. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

PT-2024-11958 · Unknown · System Management Mode

Name of the Vulnerable Software and Affected Versions: System Management Mode SMM affected versions not specified Description: The issue is related to improper access control in System Management Mode SMM, which may allow an attacker to access the SPI flash, potentially leading to arbitrary code...

UBUNTU-CVE-2024-25741

printerwrite in drivers/usb/gadget/function/fprinter.c in the Linux kernel through 6.7.4 does not properly call usbepqueue, which might allow attackers to cause a denial of service or have unspecified other impact...

Unbreakable Enterprise kernel security update

4.14.35-2047.533.3 - net: rfkill: gpio: set GPIO direction Rouven Czerwinski - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185208 - IB/cm: Cancel mad on the DREQ event when the state is MRAREPRCVD Mark Zhang Orabug: 36143229 - sched/rt: picknextrtentity: check listentry...

Silicon Labs EmberZNet Security Vulnerability

Silicon Labs EmberZNet is a complete Zigbee protocol package from Silicon Labs, Inc. that contains all the elements required for robust and reliable mesh networking applications on the Silicon Labs Ember platform. A security vulnerability exists in Silicon Labs EmberZNet prior to version v7.4.0,...

SUSE CVE-2023-0011

A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...

kernel: HID: check empty report_list in hid_validate_values()

A memory corruption flaw was found in the Linux kernel’s human interface device HID subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system...

In the Linux kernel before 6.5.9 there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.

...