Intel Optane SSD DC P4800X Denial of Service Vulnerability (CNVD-2019-02514)

The Intel Optane SSD DC P4800X is a solid state drive from Intel USA. A security vulnerability exists in the firmware update subroutine for the bootloader in versions prior to Intel Optane SSD DC P4800X E2010435. A local attacker could exploit this vulnerability to cause a denial of service...

CVE-2018-12167

Firmware update routine in bootloader for IntelR OptaneTM SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access...

Cryptocurrency Wallet Hacks Spark Dustup

LEIPZIG, GERMANY – Hardware based cryptocurrency wallets may not be as secure as promised. That’s the judgement of Dmitry Nedospasov, Thomas Roth and Josh Datko who together presented their research at a session here at the 35c3 conference called “wallet.fail.” In the talk the researchers...

The vulnerability of the HTC Bootloader component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the HTC Bootloader of the Android operating system is related to errors in the authentication process for certificates. Exploiting this vulnerability can allow attackers to increase their privileges...

Google Android Bootloader Component Privilege Permission and Access Control Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Bootloader is a bootloader. A security vulnerability exists in the Bootloader component in Android on Pixel devices. A local attacker can exploit the vulnerability to gai...

Google Android Bootloader Buffer Overflow Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Bootloader is a bootloader. A buffer overflow vulnerability exists in Bootloader in Android. An attacker could exploit this vulnerability to execute code or cause a denia...

Heap overflow

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader...

DENX U-Boot Buffer Overflow Vulnerability

DENX Software Engineering Das U-Boot is a set of bootloaders from DENX Software Engineering, Germany, that can read device configurations from AES encrypted files. A buffer overflow vulnerability exists in the filesystem image load function in DENX Software Engineering Das U-Boot, which stems fro...

CVE-2018-9580

A Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-76222002...

Privilege escalation

A Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-76222002...

CVE-2018-9580

CVE-2018-9580 is an Elevation of Privilege in the HTC bootloader affecting Android kernel components. The issue is categorized as EoP with high risk (CVSS v3.0 base score 9.8) and high impact on confidentiality, integrity, and availability; exploitation details or vectors are not disclosed in the...

CVE-2018-9580

A Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-76222002...

DigiDuck Framework - Framework For Digiduck Development Boards Running ATTiny85 Processors And Micronucleus Bootloader

Framework for Digiduck Development Boards running ATTiny85 processors and micronucleus bootloader! Roadmap: Plan to implement a command for Duckyspark translation within the framework. Requirements: - ATTiny85 or other compatible "Digispark" Development Boards - DigiSpark Drivers If you can use...

Google Android Bootloader Integer Overflow Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Bootloader is a bootloader. An integer overflow vulnerability exists in Bootloader in Android. An attacker can exploit this vulnerability to cause a buffer overflow...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to mitigate security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.153/: Upgraded. This kernel update enables mitigations for L1 Terminal Fault aka Foreshadow and Foreshadow-NG vulnerabilities. Thank...

CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...

CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...

CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

CVE-2017-3226

CVE-2017-3226 concerns Das U-Boot’s AES-CBC environment encryption (CONFIG_ENV_AES=y). A crafted two‑byte sequence in the encrypted environment data can trigger an error during environment variable parsing, which is improperly handled and leads to an immediate process termination with a debugging...