21 matches found
SUSE CVE-2023-43633
On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system's configuration, which also includes some debug functions...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007361)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007361 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger...
CVE-2023-43633
On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...
EUVD-2023-54648
Malicious code in bioql PyPI...
SUSE CVE-2022-48937
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
CVE-2022-48937
A vulnerability was found in the Linux kernel’s iouring subsystem, specifically within the ioaddbuffers function. This issue could lead to soft lockups by repeatedly invoking kmalloc in a loop of around 65,535 iterations, especially when debugging features like KASAN are enabled. Symptoms include...
DEBIAN-CVE-2022-48937
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
UBUNTU-CVE-2022-48937
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
CVE-2022-48937
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
CVE-2022-48937 io_uring: add a schedule point in io_add_buffers()
In the Linux kernel, the following vulnerability has been resolved: iouring: add a schedule point in ioaddbuffers Looping 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features like KASAN. 253.536212 watchdog: BUG: soft lockup - CPU64 stuck for 26s!...
CVE-2023-4804
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed...
CVE-2023-4804
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed...
Code injection
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed...
CVE-2023-4804 Quantum HD Unity
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed...
CVE-2023-4804 Quantum HD Unity
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed...
CVE-2023-4804
CVE-2023-4804 affects Johnson Controls Quantum HD Unity family. The root cause is an active debug code/debug features accidentally exposed, allowing an unauthorized user to access debugging functionality. Affected products and versions include: Quantum HD Unity Compressor panels (Q5: all versions...
Johnson Controls Quantum HD Unity
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable Remotely/Low attack complexity Vendor : Johnson Controls Inc. Equipment : Quantum HD Unity Vulnerability : Active Debug Code 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to...
PT-2023-7057
Name of the Vulnerable Software and Affected Versions Quantum HD Unity products affected versions not specified Quantum HD Unity Compressor affected versions not specified Quantum HD Unity AcuAir affected versions not specified Quantum HD Unity Engine Room affected versions not specified Quantum ...
Duplicate Advisory: EVE's Debug Functions Unlockable Without Triggering Measured Boot
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4c4v-42hc-72p6. This link is maintained to preserve external references. Original Description On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the...
CVE-2022-43486
Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices...