PT-2022-5369 · Microsoft · Windows Usb Serial Driver +1

Name of the Vulnerable Software and Affected Versions: Windows USB Serial Driver affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows USB Serial Driver, which can be exploited to gain unauthorized access to confidential...

CVE-2022-38030

Technical details about CVE-2022-38030 are not provided in the supplied documents. Public information about affected product versions, exploitation status, and fixes is not available here; monitor for updates from official advisories.

CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9871)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9871 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9870)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9870 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

CVE-2022-39848

Exposure of sensitive information in ATDistributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log...

SAMSUNG Mobile devices 信息泄露漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1 version, which originates from exposing sensitive information in ATDistributor. A local...

AZL-11080 CVE-2022-41849 affecting package kernel for versions less than 5.15.82.1-1

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open, aka a race condition between ufxopsopen and ufxusbdisconnect...

UBUNTU-CVE-2022-41849

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open, aka a race condition between ufxopsopen and ufxusbdisconnect...

pyFlipper - Unoffical Flipper Zero Cli Wrapper Written In Python

Unoffical Flipper Zero cli wrapper written in Python Functions and characteristics: Flipper serial CLI wrapper Websocket client interface Setup instructions: $ git clone https://github.com/wh00hw/pyFlipper.git $ cd pyFlipper $ python3 -m venv venv $ source venv/bin/activate $ pip install -r...

DEBIAN-CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

UBUNTU-CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

DENX Software Engineering Das U-Boot 缓冲区错误漏洞

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in DENX Software Engineering Das U-Boot that originates from an unchecked download size and direction in the USB DFU, which can be exploited by an attacker to...

The vulnerability of the USB device subsystem in the Linux operating system allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the USB device subsystem in the Linux operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

GSD-2022-1006294 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.326 by commit...

GSD-2022-1006209 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

GSD-2022-1006096 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

GSD-2022-1005953 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

GSD-2022-1005766 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.138 by commit...

GSD-2022-1005471 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...