firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers

...

CVE-2021-46746

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment TEE may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service...

CVE-2021-46746

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment TEE may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service...

CVE-2021-46746

CVE-2021-46746 : The AMD ASP/TEE stack protection gap allows a privileged attacker with access to AMD signing keys to corrupt the return address via a stack-based buffer overrun, potentially causing a denial of service. This aligns with AMD’s CVE entry (base score 5.2, local access, high attack c...

ROS-20240812-16

Vulnerability of the dovccioctl function in the net/atm/ioctl.c module of the ATM Asynchronous Transfer Mode network protocol implementation of the Linux kernel is related to the reuse of a previously exploited ATM protocol. Asynchronous Transfer Mode kernel of the Linux operating system is relat...

The vulnerabilities of the functions sbi_cpu_start() and cpu_update_secondary_bootdata() in the Linux operating system’s kernel on RISC-V processors allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the functions sbicpustart in the module arch/riscv/kernel/cpuopssbi.c and cpuupdatesecondarybootdata in the module arch/riscv/kernel/cpuopsspinwait.c in the Linux operating system’s kernel on RISC-V processors is related to memory writing beyond the allocated buffer...

The vulnerability of the loginauth function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK CP450 router’s microprogramming system, which allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loginauth function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK CP450 router’s microprogramming system is related to the issue of data being written outside the buffer in memory when processing the httphost parameter. Exploiting this vulnerability allows a malicious...

The vulnerability of the kdb_read() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kdbread function in the kernel/debug/kdb/kdbio.c file of the Linux operating system is related to memory writing beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...

SUSE CVE-2024-41038

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length strings in the...

SUSE CVE-2024-41056

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Use strnlen on name fields in V1 wmfw files Use strnlen instead of strlen on the algorithm and coefficient name string arrays in V1 wmfw files. In V1 wmfw files the name is a NUL-terminated string in a fixed-size...

PT-2024-17901 · Ashlar Vellum · Ashlar-Vellum Cobalt

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability, as t...

The vulnerability of the DXE microprogramming software driver in Dell Edge Gateway BIOS allows a intruder to gain unauthorized access to protected information.

The vulnerability of the DXE microprogramming software driver for Dell Edge Gateway BIOS is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

CVE-2024-41038

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length strings in the...

The vulnerability of the Microprogramming Software of Supermicro BMC controllers, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Microprogrammed Software of Supermicro controllers involves the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the DSP microprogramming system in Qualcomm’s embedded chips allows a hacker to execute arbitrary code.

The vulnerability of the DSP microprogramming system in Qualcomm’s embedded chips lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability in the LabVIEW programming environment, related to the execution of operations beyond the buffer boundaries in memory, allows an intruder to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability in the LabVIEW programming environment relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or execute arbitrary code using a specially created...

The vulnerability of the Microprogramming Software of Supermicro BMC controllers, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Microprogrammed Software of Supermicro controllers involves the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

AZL-47489 CVE-2024-41038 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length strings in the...

DEBIAN-CVE-2024-41039

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...

CVE-2024-41038

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length strings in the...