109 matches found
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
OpenSC: out-of-bounds read in MyEID driver handling encryption using symmetric keys
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
AZL-31945 CVE-2023-4535 affecting package opensc for versions less than 0.23.0-2
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
AZL-35076 CVE-2023-4535 affecting package opensc for versions less than 0.25.1-3
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
PT-2023-8907 · Opensc +4 · Opensc +4
Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical...
K73337338: Linux kernel vulnerability CVE-2017-16648
Security Advisory Description The dvbfrontendfree function in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via a crafted USB device. NOTE: the...
SUSE CVE-2017-16532
The getendpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16535
The usbgetbosdescriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16536
The cx231xxusbprobe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16643
The parsehidreportdescriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16647
drivers/net/usb/asixdevices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2017-16650
The qmiwwanbind function in drivers/net/usb/qmiwwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero error and system crash or possibly have unspecified other impact via a crafted USB device...
SUSE CVE-2019-15504
drivers/net/wireless/rsi/rsi91xusb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic which may be remote via usbip or usbredir...
CVE-2023-25012
The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...
In the Linux kernel through 5.15.2 mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
...
CVE-2021-43976
In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic...
CVE-2021-43976
In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic...
AZL-6606 CVE-2021-43976 affecting package kernel for versions less than 5.15.2.1-1
In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic...
Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) Model 3120 Encryption Error Vulnerability
The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is a portable cardiac rhythm management Crm programming system from Boston Scientific, Inc. The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is vulnerable to an encryption error that could...