21 matches found
mmc: vub300: fix NULL-deref on disconnect
...
SUSE-SU-2026:0473-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc125254...
PT-2025-53964
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s mmc subsystem, specifically within the via-sdmmc driver. The mmc add host function may return an error, and failure to check this return value can lea...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988720)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988720 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdioaddfunc or sdioinitfunc fails,...
CVE-2025-39846
In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in iodynfindioregion In iodynfindioregion, pcmciamakeresource is assigned to res and used in pcibusallocresource. There is a dereference of res in pcibusallocresource, which could lead to a...
PT-2025-38163
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The mmc add host function may return an error, and failing to check this return value can lead to a memory leak. This memory leak occurs because memory allocated in mmc alloc host is n...
UBUNTU-CVE-2022-50251
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
VMware Workstation Out-of-bounds read Vulnerability (VMSA-2024-0005) - Windows
VMware Workstation is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VMware Fusion Out-of-bounds read Vulnerability (VMSA-2024-0005) - Mac OS X
VMware Fusion is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:fusion";...
CVE-2024-20327
A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...
CVE-2024-22251
VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID chip card interface device. A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure...
VMware Workstation Security Vulnerability
VMware Workstation is a set of virtual machine software from VMware. The software provides the ability to run multiple virtual machines with different operating systems at the same time. A security vulnerability exists in VMware Workstation and Fusion, which was discovered to contain an...
Arbitrary Code Execution
ccid is vulnerable to arbitrary code execution attacks. The vulnerability exists as a signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to...
Qemu: usb: integer overflow in emulated_apdu_from_guest
An integer overflow flaw was found in Quick Emulator QEMU in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process...
CCID: Arbitrary code execution
Background CCID is a generic USB Chip/Smart Card Interface Devices driver. Description CCID contains an integer overflow vulnerability in ccidserial.c. Impact A physically proximate attacker could execute arbitrary code via a smart card with a specially crafted serial number. Workaround There is ...
CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...
CentOS Update for ccid CESA-2013:0523 centos6
Check for the Version of ccid OpenVAS Vulnerability Test CentOS Update for ccid CESA-2013:0523 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for qemu-kvm RHSA-2011:1777-01
Check for the Version of qemu-kvm OpenVAS Vulnerability Test RedHat Update for qemu-kvm RHSA-2011:1777-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[ MDVSA-2011:014 ] ccid
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:014 http://www.mandriva.com/security/ Package : ccid Date : January 20, 2011 Affected: Corporate 4.0 Problem Description: A vulnerability has been found and corrected in ccid: Signedness error in ccidserial....
CVE-2010-4530
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...