PT-2026-2536

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel related to the Chrome EC ISHTP driver. After the driver is unbound, a kernel thread, cros ec console log work, continues to access the...

CVE-2023-53059 platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

SUSE CVE-2016-1638

extensions/renderer/resources/platformapp.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app...

UBUNTU-CVE-2023-0137

Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...