29 matches found
CVE-2022-48817
CVE-2022-48817 is a Linux kernel issue affecting the ar9331 MDIO switch under the DSA subsystem. The root cause is that mdiobus registration was done under devres and could be freed by devm_mdiobus_free() via device core shutdown, leading to a panic if the bus was still registered. The advisory e...
CVE-2022-48817 net: dsa: ar9331: register the mdiobus under devres
In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...
CVE-2022-48817 net: dsa: ar9331: register the mdiobus under devres
In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...
CVE-2022-48817
In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...
GSD-2022-1004266 net: phy: at803x: fix NULL pointer dereference on AR9331 PHY
net: phy: at803x: fix NULL pointer dereference on AR9331 PHY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...
GSD-2022-1000508 net: dsa: ar9331: register the mdiobus under devres
net: dsa: ar9331: register the mdiobus under devres This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...
GSD-2022-1000427 net: dsa: ar9331: register the mdiobus under devres
net: dsa: ar9331: register the mdiobus under devres This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...
GSD-2022-1000369 net: dsa: ar9331: register the mdiobus under devres
net: dsa: ar9331: register the mdiobus under devres This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...
HS-110 Smart Plug Account Takeover / Insecure Design
Content Table 1. Introduction 2. The Firmware 3. The Android Application 4. The Problems 5. Conclusion 6. Appendix 6.1. Excursion Dalvik 6.2 Control script 1. Introduction The HS-110 is a Smart Plug meaning it is capable of being controlled with commands via a network. TP-Link released a mobile...