6175 matches found
CVE-2017-18360
In changeportsettings in drivers/usb/serial/ioti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates...
CVE-2017-18360
CVE-2017-18360 affects the Linux kernel: in drivers/usb/serial/io_ti.c, change_port_settings before version 4.11.3 allows a local attacker to trigger a division-by-zero in the serial device layer when attempting to set very high baud rates, causing a denial of service. Public references (NVD entr...
CVE-2017-18360
In changeportsettings in drivers/usb/serial/ioti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates...
CVE-2017-18360
In changeportsettings in drivers/usb/serial/ioti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates...
CVE-2017-18360
In changeportsettings in drivers/usb/serial/ioti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates...
UBUNTU-CVE-2017-18360
In changeportsettings in drivers/usb/serial/ioti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2018:4086-1)
This update for qemu fixes the following issues : Security issue fixed : CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb operations bsc1114529. Non-security issue fixed: Fixed serial console issue in SLES 12 SP2 that triggered a qemu-kvm bug bsc1108474. Note that Tenable Network...
CVE-2018-20342
The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges...
AZL-34325 CVE-2018-20169 affecting package kernel for versions less than 5.15.148.2-2
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c...
openSUSE Security Update : qemu (openSUSE-2018-1551)
This update for qemu fixes the following issues : Security issue fixed : - CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb operations bsc1114529. Non-security issue fixed : - Fixed serial console issue that triggered a qemu-kvm bug bsc1108474. This update was imported from the...
Security update for qemu (important)
This update for qemu fixes the following issues: Security issue fixed: - CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb operations bsc1114529. Non-security issue fixed: - Fixed serial console issue that triggered a qemu-kvm bug bsc1108474. This update was imported from the...
SUSE-SU-2018:4086-1 Security update for qemu
This update for qemu fixes the following issues: Security issue fixed: - CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb operations bsc1114529. Non-security issue fixed: - Fixed serial console issue in SLES 12 SP2 that triggered a qemu-kvm bug bsc1108474...
PT-2018-2862 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.19.9 Description: An issue in the Linux kernel's USB subsystem mishandles size checks during the reading of an extra descriptor, related to the usb get extra descriptor function in drivers/usb/core/usb.c. This...
ZTE ZXHN F670 Information Disclosure Vulnerability
The ZTE ZXHN F670 is a modem from China's ZTE Corporation ZTE. An information disclosure vulnerability exists in ZTE ZXHN F670 V1.1.10P3T18 and earlier versions, which can be exploited by an attacker to obtain GPON SN information with the help of appviahttp service...
CVE-2018-7360
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service...
Serial number disclosure in the FortiOS PPTP server hostname protocol field
Fortigate PPTP service reveals serial number of FortiGate in the hostname field defined in connection control setup packets of PPTP protocol...
USN-3822-1 linux vulnerabilities
Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the BP and OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service guest OS crash. CVE-2016-9588 It was discovered that the generic SCSI driver in the Linux kernel did...
Description of the security update for the Windows COM elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: November 13, 2018
Description of the security update for the Windows COM elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: November 13, 2018 Summary An elevation of privilege exists in Windows COM Aggregate Marshaler. An elevation of privilege vulnerability...
ZTE ZXR10 8905E TCP Initial Serial Number (ISN) Reuse Vulnerability
The ZTE ZXR10 8905E is a router product from China's ZTE ZTE. A security vulnerability exists in the ZTE ZXR10 8905E 3.03.10.B23P2 and previous versions. A remote attacker can exploit this vulnerability to conduct spoofing attacks...
kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service
A division-by-zero in settermios, when debugging is enabled, was found in the Linux kernel. When the ioti driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the changeportsettings in the drivers/usb/serial/ioti.c so that the divisor value becomes zero and...