📄 Qualcomm CVP Kernel Driver Pointer Disclosure / Privilege Escalation

This advisory describes a local privilege escalation vulnerability affecting the Qualcomm CVP kernel driver msmcvp, exposed through the /dev/cvp device node on Android systems using Qualcomm SoCs. The vulnerability originates from an improperly obfuscated kernel pointer returned to user space as ...

📄 Qualcomm CVP Kernel Pointer Leak

The Qualcomm CVP driver exposes kernel pointers to userland by returning a hashed session ID derived from a kernel pointer using hash32ptr. This function is not a cryptographic hash but a reversible fold that XORs the upper and lower 32 bits of the pointer. Due to predictable ARM64 kernel virtual...

EUVD-2020-3535

Malware in sbrugna...

EUVD-2003-1439

Malware in sbrugna...

EUVD-2013-1264

Malware in sbrugna...

EUVD-2013-1260

Malware in sbrugna...

EUVD-2014-3338

Malware in sbrugna...

EUVD-2021-7066

Malicious code in bioql PyPI...

EUVD-2021-6712

Malicious code in bioql PyPI...

EUVD-2024-30798

Malicious code in bioql PyPI...

CVE-2021-1245

Cisco Finesse and Cisco Unified CVP OpenSocial Gadget Editor Cross-Site Scripting Vulnerability A vulnerability in the web-based management interface of Cisco Finesse and Cisco Unified CVP could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

CVE-2019-18181

In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only...

CVE-2024-33053

CVE-2024-33053 involves a memory corruption issue in Qualcomm CVP buffers when multiple threads unregister the buffer concurrently. The available details indicate the root cause is a synchronization/ordering problem during unregistration that can lead to memory corruption, with a local attack vec...

CVE-2024-33053 Use After Free in Video

Memory corruption when multiple threads try to unregister the CVP buffer at the same time...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.14 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.10.14 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS ba...

CVE-2022-29071

Arista CloudVision Portal (CVP) on-premises is affected. Under certain conditions, CVP user login passwords can be leaked to other authenticated users via Audit and System logs. The issue is documented in ARISTA Security Advisory 0079 and CVE-2022-29071, with fixed releases CVP 2022.1.1 and CVP 2...

Security Advisory 0079

Security Advisory 0079 . CSAF PDF Date: July 26th, 2022 Revision | Date | Changes ---|---|--- 1.0 | July 26th 2022 | Initial release CVE-2022-2907 The CVE-ID tracking this issue: CVE-2022-29071 CVSSv3.1 Base Score: 4.0 AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Common Weakness Enumeration CWE: CWE-200...

CVE-2021-28508

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...

CVE-2021-28509

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to...

Design/Logic Flaw

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to...