58 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked mmcaddhost return value, which could lead to a memory leak and kernel crash...
Linux Distros Unpatched Vulnerability : CVE-2024-42088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1OUTBE dai link Commit e70b8dd26711 ASoC:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing pcidevput call in the mmc driver, which could lead to a memory leak...
Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"
...
CVE-2024-56685
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...
CVE-2024-56685
Technical details about CVE-2024-56685 are not provided in the connected documents. Public information and exact affected components/versions, exploitation status, and fixes are not available here; monitor for updates and official advisories.
CVE-2024-56685 ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...
CVE-2024-56685 ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...
kernel: mmc: mxcmmc: fix return value check of mmc_add_host()
A flaw was found in the Linux kernel's Freescale MXC MMC driver. The mxcmmc driver fails to check the return value of mmcaddhost. If this function fails, memory allocated by mmcallochost is leaked, and a subsequent driver removal will crash the kernel when attempting to delete a device that was...
CVE-2024-50105
CVE-2024-50105 relates to the Linux kernel ASoC Qualcomm Soundwire path. The SC7280 Soundwire runtime stream allocation was not updated when allocation was moved to per-machine soundcard drivers, risking NULL pointer dereference or uninitialized memory during playback. The fix (commit 15c7fab0e04...
CVE-2024-40432
A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTLSFFDISKDEVICECOMMAND control of the SD card reader driver allows a privileged attacker to crash the OS...
CVE-2024-38551
CVE-2024-38551 : In the Linux kernel, the ASoC Mediatek path assigns a dummy codec to a DAI link if no real codec is present, to avoid NULL pointer errors during string comparisons. This vulnerability was resolved by the kernel fix described in the initial document, with MediaTek sound card drive...
SUSE CVE-2024-36029
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device and uses host-runtimesuspended flag to protect access to it. The sdhci-msm driver doesn't set this flag, which causes a crash when LED...
The vulnerability of the MyEID driver of the software and library used for working with OpenSC smart cards allows a perpetrator to potentially gain unauthorized access to confidential data.
The vulnerability of the MyEID driver for software tools and libraries used to work with OpenSC smart cards lies in the fact that it allows reading beyond the memory buffer boundaries during the processing of symmetric-key encryption. Exploiting this vulnerability could potentially allow an...
SUSE CVE-2020-26570
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile...
SUSE CVE-2020-26571
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit...
SUSE CVE-2022-41848
drivers/char/pcmcia/synclinkcs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpcioctl and mgslpcdetach...
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open() aka a race condition between cmm_open() and cm4000_detach().
...
AZL-11381 CVE-2022-44033 affecting package kernel for versions less than 5.15.122.1-2
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open, aka a race condition between cm4040open and readerdetach...
PT-2022-5927
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 6.0.6 Description The issue is caused by synchronization errors when using a shared resource in the Linux kernel's drivers/char/pcmcia/scr24x cs.c component. This can lead to a race condition and resultant...