CVE-2022-33272

CVE-2022-33272 describes a transient DoS in the modem caused by a reachable assertion. The issue is associated with Qualcomm closed‑source modem components; exploitation details are not provided in the initial document, but CVSSv3.1 indicates Network access, no user interaction, low attack comple...

CVE-2022-33254 Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem while processing SIB1 Message...

CVE-2022-33254 Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem while processing SIB1 Message...

CVE-2022-33250 Reachable assertion in Modem

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover...

CVE-2022-33250 Reachable assertion in Modem

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover...

CVE-2022-33244 Reachable assertion in Modem

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...

CVE-2022-33244

CVE-2022-33244: Transient Denial of Service due to a reachable assertion in the modem during MIB reception and SIB timeout. Documented impact is Availability (CVSS v3.1 base score 7.5). Exploitation status is not provided in the supplied materials. Connected sources consistently describe the issu...

PT-2023-13812 · Qualcomm · Snapdragon +95

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a Transient Denial of Service DOS caused by a reachable assertion in WLAN while processing PEER ID populated by TQM...

PT-2023-13261 · Qualcomm · Snapdragon +61

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a transient Denial of Service DOS condition that occurs when a modem receives repeated invalid message containers for NR to LTE...

PT-2023-13265 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a transient Denial of Service DOS condition that can occur in the Modem when it processes a specific type of message, known as an SIB1 Message. This happens due to a...

PT-2023-13278 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a Transient Denial of Service DOS in the modem due to a reachable assertion. Recommendations: At the moment, there is no information about a newer version that contain...

Integer overflow

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

CVE-2023-25155

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : SoX vulnerabilities (USN-5904-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5904-1 advisory. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked...

CVE-2023-25155

A vulnerability was found in Redis. This flaw allows authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands to trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process...

PT-2023-2028

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 6.0.18 Redis versions prior to 6.2.11 Redis versions prior to 7.0.9 Description: The issue is related to an integer overflow that can be triggered by authenticated users issuing specially crafted commands, including...

K000132690: BIND vulnerability CVE-2022-3488

Security Advisory Description Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to...

CVE-2022-48363

In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer...

CVE-2022-48363

In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer...

Null pointer dereference

In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer...