Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper retention of the mstatus.SUM bit, which remains set contrary to privileged specification constraints. An attacker can gain unauthorized access to physical memory by exploiting this improper...

CVE-2025-5834

The CVE-2025-5834 entry concerns Pioneer DMH-WT7600NEX, where a missing immutable root of trust in the hardware SoC enables local privilege escalation. The flaw stems from improper hardware root-of-trust configuration, allowing a local attacker to bypass authentication and escalate privileges to ...

CVE-2024-48772

An issue in C-CHIP com.cchip.cchipamaota v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process...

CVE-2025-23149

In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPMCHIPFLAGSUSPENDED after the call to tpmfindgetops can lead to a spurious tpmchipstart call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU: 0 PID: 74 ...

CVE-2022-49287

CVE-2022-49287 concerns a Linux kernel refcount issue in tpm_chip handling that can trigger a use-after-free when interacting with TPM devices. The description details a sequence where a TPM command is written to /dev/tpmrm after unloading tpm_tis_spi, causing a refcount warning: refcount_t: addi...

CVE-2024-56656 bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X P7 chip's HW GRO/LRO interface is very similar to that of the previous generation 5750X or P5. However, the aggregation ID fields in the completion structur...

CVE-2024-49973

CVE-2024-49973 concerns the Linux kernel’s rtl8169/RTL8125 NIC path. The issue arises from RTL8125 adding tally counter fields, which may be DMAed to unallocated memory if the tally counter area isn’t large enough. The described fix is to ensure the allocated memory region can hold all tally coun...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips, which stems from a missing boundary check issue in the da module, which could result in an out-of-bounds write...

Qualcomm Chip Code Issue Vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time fabricated on the surface of semiconductor wafers. The Qualcomm chip suffers from a code issue vulnerability that originat...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in gps, which may result in out-of-bounds writes...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in gps, which may result in out-of-bounds writes...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of privilege checking in duraspeed, which could lead to information disclosure...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking in the apu module, which may result in memory corruption...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the Bluetooth module of the MediaTek chips, which is caused by a lack of boundary checking and may allow out-of-bounds reads...

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from a security vulnerability that stems from a...

MediaTek 芯片 命令注入漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. The MediaTek chips are vulnerable to a command injection vulnerability that stems from incorrect input validation leading to command injection...

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chip ged, which is caused by a lack of boundary checking and may allow out-of-bounds writes...

MediaTek 芯片资源管理错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in MediaTek aee, which stems from a lack of bounds checking, leading to memory reuse after release...

MediaTek 芯片代码问题漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. An elevation of privilege vulnerability exists in a number of MediaTek chipsims, which stems from a mismatch in the package format, and can be exploited by an attacker to gain elevation of privilege...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a...