287 matches found
CVE-2023-48694
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include...
Buffer overflow
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in...
Null pointer dereference
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include components in host class,...
CVE-2023-48697 Azure RTOS USBX Remote Code Execution Vulnerability
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in...
CVE-2023-48696
Azure RTOS USBX contains a remote code execution vulnerability caused by an expired pointer dereference in the USBX host/CDC ACM path for RTOS v6.2.1 and earlier. Affected component: USBX within Azure RTOS USBX stack (host class/CDC ACM). Remediation: upgrade to USBX release 6.3.0 or later. Explo...
CVE-2023-48695 Azure RTOS USBX Remote Code Execution Vulnerability
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host and...
CVE-2023-48695
Azure RTOS USBX contains an out-of-bounds write vulnerability affecting the USBX host and device classes (CDC ECM and RNDIS) in RTOS v6.2.1 and earlier. This can lead to remote code execution. The issue is fixed in USBX release 6.3.0; upgrading is advised. Connected documents confirm the affected...
CVE-2023-48694 Azure RTOS USBX Remote Code Execution Vulnerability
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include...
The CDC's Gun Violence Research Is in Danger
In a year pocked with fights over US government funding, Republicans are quietly trying to strip the Centers for Disease Control and Prevention of its ability to research gun violence...
kernel: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
SUSE CVE-2016-3138
The acmprobe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a USB device without both a control and a data endpoint descriptor...
SUSE CVE-2016-3951
Double free vulnerability in drivers/net/usb/cdcncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service system crash or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor...
SUSE CVE-2017-16534
The cdcparsecdcheader function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16645
The imspcugetcdcuniondesc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service imspcuparsecdcdata out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16649
The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero error and system crash or possibly have unspecified other impact via a crafted USB device...
CVE-2022-36063
Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...
Integer overflow
Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...
CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow
Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...
CVE-2022-36063 USBX Host CDC ECM integer underflow with buffer overflow
Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...
Ubuntu: Security Advisory (USN-3822-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...