101 matches found
CVE-2022-50015 ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...
SUSE SLED15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2025:01703-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01703-1 advisory. Update to Xen 4.18.5: Security fixes: - CVE-2024-28956: Fixed Intel CPU Indirect Target Selection ITS...
CVE-2025-4478
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference...
CVE-2025-21866
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VMALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vmalloc-out-of-bounds in...
Linux Distros Unpatched Vulnerability : CVE-2025-21818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/xen: fix xenhypercallhvm to not clobber %rbx xenhypercallhvm, which is used when running...
Linux Distros Unpatched Vulnerability : CVE-2022-2347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does no...
Linux Distros Unpatched Vulnerability : CVE-2024-36944
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Reapply drm/qxl: simplify qxlfencewait This reverts commit...
CVE-2025-0624
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
CVE-2025-0624
CVE-2025-0624 affects grub2; a network-boot configuration search copies data from a user-controlled environment variable into an internal buffer using grub_strcpy without accounting for the environment variable length, causing an out-of-bounds write. This can enable remote code execution within t...
CVE-2025-0624
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the environment variable length...
CVE-2024-47398 Liteos_a has an out-of-bounds write vulnerability
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write...
CVE-2024-47398 Liteos_a has an out-of-bounds write vulnerability
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write...
edk2:20240524 security update
20240524-6.0.1.el95.3 - edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch RHEL-58631 - Resolves: RHEL-58631 Regression HTTP Boot fails to work with edk2-ovmf-20231122-6.el94.2 and greater - edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch RHEL-66230 - Resolves: RHEL-66230...
Security update for xen
This update for xen fixes the following issues: Security issues fixed: CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc1232622 CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables bsc1232624 Non-security issue fixed: Xen host hung at boot up with repeated "XEN API...
SUSE CVE-2024-50108
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING 1 traces when calling...
UBUNTU-CVE-2022-48953
In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler enables the event automatically on success, it is incorrect to call it before the handler routine passed to it is ready to handle event...
SUSE CVE-2024-44981
In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...
UBUNTU-CVE-2024-43889
In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...
DEBIAN-CVE-2022-48916
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...
PT-2023-36347 · U-Boot · U-Boot
Name of the Vulnerable Software and Affected Versions: U-boot version 2023.01 Description: The issue occurs when U-boot is upgraded to version 2023.01 on RPI 4/CM4 boards, causing it to fail to boot. The log reports finding the EFI removable media binary efi/boot/bootaa64.efi, but reading the fil...