
6175 matches found

CNVD
added 2017/09/21 12:0 a.m. · 2 views

Serial port access without authentication vulnerability in Huawei B2338-168 CPE device outdoor unit

The Huawei B2338-168 is a wireless terminal device from Huawei, China, capable of receiving WiFi signals. The outdoor unit is one of the units used for sending and receiving signals. An unauthenticated serial port access vulnerability exists in the outdoor unit of the Huawei B2338-168 CPE device. An...

CVSS 8.4 · AI score 7 · EPSS 0.00295
Exploits 0 · References 1
Tenable Nessus
added 2017/09/20 12:0 a.m. · 238 views

Fedora 25 : xen (2017-ed735463e3)

Qemu: usb: ohci: infinite loop due to incorrect return value CVE-2017-9330 1457698 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort CVE-2017-10664 1466466 revised full fix for XSA-226 regressed 32-bit Dom0 or backend domains ---- full fix for XSA-226, replacing workaround drop conflic...

CVSS 8.8 · AI score 7 · EPSS 0.04544
Exploits 0 · References 12
Positive Technologies
added 2017/09/20 12:0 a.m. · 7 views

PT-2017-3151 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.6. Description: The issue is related to the cdc_parse_cdc_header function in drivers/usb/core/message.c, which allows local users to cause a denial of service, including out-of-bounds read and system crash, ...

CVSS 8.8 · AI score 8.2 · EPSS 0.93838
Exploits 83 · References 348
Positive Technologies
added 2017/09/18 12:0 a.m. · 2 views

PT-2017-3159 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.6. Description: The issue is caused by a buffer overflow in the Linux kernel, specifically in the drivers/uwb/uwbd.c file. This can be exploited by a local user using a crafted USB device, potentially leadin...

CVSS 10 · AI score 7.5 · EPSS 0.93838
Exploits 38 · References 267
CNVD
added 2017/09/08 12:0 a.m. · 4 views

Cisco IOS XE Software Arbitrary File Overwrite Vulnerability

Cisco ASR 920 Series Aggregation Services Routers are Cisco's ASR 920 series of multifunction routers. Cisco IOS XE Software is one of the operating systems dedicated to network devices. A security vulnerability exists in the USB-modem code of the IOS XE Software in the Cisco ASR 920 Series...

CVSS 4.7 · AI score 5 · EPSS 0.00353
Exploits 0 · References 1
CNVD
added 2017/09/08 12:0 a.m. · 2 views

Cisco IOS XE Software Command Execution Vulnerability

Cisco ASR 920 Series Aggregation Services Routers are Cisco's ASR 920 series of multifunction routers. Cisco IOS XE Software is one of the operating systems dedicated to network devices. An arbitrary command execution vulnerability exists in the USB-modem code of the IOS XE Software in the Cisco A...

CVSS 7.2 · AI score 7.1 · EPSS 0.00445
Exploits 0 · References 1
CNVD
added 2017/09/01 12:0 a.m. · 4 views

Digium Asterisk Open Source and Certified Asterisk Arbitrary Command Execution Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange (PBX) system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response (IVR). There are security vulnerabilities in Asteris...

CVSS 9.8 · AI score 9.5 · EPSS 0.14907
Exploits 0 · References 1
OSV
added 2017/08/28 9:24 p.m. · 3 views

USN-3406-1 linux vulnerabilities

It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-7914) It was discovered that a NULL pointer dereferenc...

CVSS 7.8 · AI score 6.7 · EPSS 0.02041
Exploits 0 · References 7
RedHat Linux
added 2017/08/01 9:17 p.m. · 6 views

Qemu: usb: ehci host memory leakage during hotunplug

Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device...

CVSS 5.5 · AI score 7.4 · EPSS 0.00431
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 9:17 p.m. · 6 views

Qemu: usb: xhci infinite recursive call via xhci_kick_ep

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing...

CVSS 5.5 · AI score 7.4 · EPSS 0.0043
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 9:17 p.m. · 2 views

Qemu: serial: host memory leakage 16550A UART emulation

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations...

CVSS 6.5 · AI score 7.3 · EPSS 0.00399
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 9:17 p.m. · 5 views

Qemu: usb: redirector: memory leakage when destroying redirector

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...

CVSS 6.5 · AI score 7.3 · EPSS 0.00413
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 9:17 p.m. · 8 views

Qemu: char: divide by zero error in serial_update_parameters

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base...

CVSS 6 · AI score 7.3 · EPSS 0.00362
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 4:4 p.m. · 2 views

Qemu: usb: xhci infinite recursive call via xhci_kick_ep

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing...

CVSS 5.5 · AI score 7.4 · EPSS 0.0043
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 4:4 p.m. · 2 views

Qemu: usb: ehci: memory leakage in ehci_init_transfer

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...

CVSS 6.5 · AI score 7.3 · EPSS 0.00367
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 4:4 p.m. · 4 views

Qemu: usb: xhci memory leakage during device unplug

A memory-leak flaw was found in the Quick Emulator (QEMU) built with USB xHCI controller emulation support. The flaw could occur while doing a USB-device unplug operation. Unplugging the device repeatedly resulted in leaking host memory, which affected other services on the host. A privileged user...

CVSS 6 · AI score 7.3 · EPSS 0.00421
Exploits 0 · References 4
RedHat Linux
added 2017/08/01 4:4 p.m. · 5 views

Qemu: char: divide by zero error in serial_update_parameters

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base...

CVSS 6 · AI score 7.3 · EPSS 0.00362
Exploits 0 · References 4
Citrix
added 2017/07/28 12:0 a.m. · 7 views

App Layering: Recipe for QuickBooks

QuickBooks is an application that licenses and registers to the volume serial number of the local hard disk. When the license is created an encrypted file is stored that can only be unencrypted if the volume serial number matches the system it was installed on. When Unidesk creates a new desktop,...

AI score 6.6
Exploits 0
Tenable Nessus
added 2017/07/24 12:0 a.m. · 76 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3360-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3360-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake-on-Lan data structure. A local attacker could use this to expose sensitive...

CVSS 10 · AI score 6.4 · EPSS 0.1081
Exploits 0 · References 16
Ubuntu
added 2017/07/21 8:12 a.m. · 122 views

USN-3360-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake-on-Lan data structure. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2014-9900) It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

CVSS 10 · AI score 7 · EPSS 0.1081
Exploits 0