EUVD-2017-17319

Malware in sbrugna...

SUSE-SU-2023:3019-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: Updated to version 20230724 git commit 59fbffa9ec8e: - CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability bsc1213286. Bugfixes: - Fix qcom ASoC tglp WHENCE entry - Group all Conexant V4L devices together - Makefile, copy-firmware...

USN-4527-1: Linux kernel vulnerabilities

It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-19054 It was discovered that the Atheros HTC based wireless...

USN-4525-1: Linux kernel vulnerabilities

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-18808 It was discovered that the Conexant 23885 TV card device...

USN-4525-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-18808 It was discovered that the Conexant 23885 TV card device...

USN-4526-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-18808 It was discovered that the Conexant 23885 TV card device...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4525-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4525-1 advisory. It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4527-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4527-1 advisory. It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4526-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4526-1 advisory. It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some...

Denial of Service Vulnerability in ZoomInnovation Conexant C2000-B2-SFE0101-BB1 Serial Server

The C2000-B2-SFE0101-BB1 Serial Server is a serial device networking server. A denial of service vulnerability exists in the ZoomInnovation Conexant C2000-B2-SFE0101-BB1 Serial Server, which can be exploited by an attacker to cause a denial of service...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3754-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3754-1 advisory. Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3619-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3619-2 advisory. USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Conexant Systems MicTray64 Information Disclosure Vulnerability

Conexant Systems MicTray64 is an application that Conexant Systems USA installs with the Conexant Audio Driver package and registers as a Microsoft Scheduled Task to run after each user logs on. The program monitors all keystrokes taken by the user to capture and respond to functions such as...

Session fixation

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data keystrokes to any process. In mictray64.exe mic tray icon 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: deb...

CVE-2017-8360

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data keystrokes to any process. In mictray64.exe mic tray icon 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: deb...

CVE-2017-8360

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data keystrokes to any process. In mictray64.exe mic tray icon 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: deb...

CVE-2017-8360

The CVE-2017-8360 issue affects Conexant mictray64/mictray.exe used on HP EliteBook/EliteBook/ProBook/ZBook systems. A LowLevelKeyboardProc Windows hook is used to capture keystrokes, and the keystroke data is disclosed via unintended channels: debug messages accessible to processes in the same u...

Conexant Audio Driver MicTray.exe / MicTray64.exe Keylogger

The Conexant audio driver package installed on the remote Windows host is affected by an information disclosure vulnerability in the debugging features of MicTray.exe or MicTray64.exe due to a LowLevelKeyboardProc Windows hook that is being used to capture keystrokes. This data is then leaked via...

HPSBGN03558 rev.9 - Conexant HD Audio Driver Local Debug Log

Potential Security Impact Potential, local loss of confidentiality VULNERABILITY SUMMARY A potential security vulnerability caused by a local debugging capability that was not disabled prior to product launch has been identified with certain versions of Conexant HD Audio Drivers on HP products. H...

Keylogger Found in Audio Drivers on Some HP Machines

An audio driver that comes installed on some HP-manufactured computers records users’ keystrokes and stores them in a world-readable plaintext file, researchers said Thursday. The culprit appears to be version 1.0.0.31 of MicTray64.exe, a program that comes installed with the Conexant audio drive...