CVE-2023-31330

CVE-2023-31330 concerns an out-of-bounds read in the ASP bootloader that could let a privileged attacker with access to a malicious bootloader read sensitive memory, leading to loss of confidentiality. The affected component is the ASP bootloader on AMD Client Processor platforms (ASP/SMM and rel...

CVE-2023-31330

An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality...

CVE-2023-31330

An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality...

CVE-2021-46750

Failure to validate the address and size in TEE Trusted Execution Environment may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR Trusted Memory Region that was previously allocated by the ASP bootloader leading to a potential los...

CVE-2021-46750

Failure to validate the address and size in TEE Trusted Execution Environment may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR Trusted Memory Region that was previously allocated by the ASP bootloader leading to a potential los...

CVE-2021-46750

CVE-2021-46750 describes a failure to validate address and size in a Trusted Execution Environment (TEE) that could allow a local x86 attacker to send malformed messages to the graphics mailbox, causing overlap of a previously allocated Trusted Memory Region (TMR) by the ASP bootloader and potent...

CVE-2025-36907

In drawsurfaceimage of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for...

PT-2025-36381

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: An out-of-bounds read issue exists in the ASP bootloader. A privileged attacker with access to a malicious bootloader could potentially read sensitive memory, leading to a loss of...

CVE-2023-21472

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

CVE-2023-21473

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write

...

CVE-2025-36907

In drawsurfaceimage of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for...

Grub2: commands/extcmd: missing check for failed allocation

...

Grub2: grub-core/gettext: integer overflow leads to heap oob write.

...

CVE-2025-36907

In drawsurfaceimage of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for...

CVE-2025-36907

In drawsurfaceimage of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for...

CVE-2025-36907

CVE-2025-36907 affects the Android Pixel stack: a heap buffer overflow in the draw_surface_image() function of abl/android/lib/draw/draw.c allows an out-of-bounds write. This can lead to local elevation of privilege via USB fastboot after a bootloader unlock, with no additional execution privileg...

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.

...

PT-2025-35890

Name of the Vulnerable Software and Affected Versions: abl affected versions not specified Description: A heap buffer overflow exists in the draw surface image function within abl/android/lib/draw/draw.c. This issue may lead to local escalation of privilege via USB fastboot after a bootloader...

CVE-2023-21472

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...