101 matches found
CVE-2022-50343
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...
Linux Distros Unpatched Vulnerability : CVE-2022-49819
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox...
Linux Distros Unpatched Vulnerability : CVE-2021-3348
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after- free that could be triggered by local attackers with access...
CVE-2023-21245
In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...
CVE-2021-30810
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup...
CVE-2020-0819
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'...
CVE-2019-8804
An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup...
CVE-2022-49819
In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox init errors, it did not free oct-conf and iounmap oct-mmioi.hwaddr. That would trigger memory leak problem. Add kfree for oct-conf and...
DEBIAN-CVE-2022-49819
In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox init errors, it did not free oct-conf and iounmap oct-mmioi.hwaddr. That would trigger memory leak problem. Add kfree for oct-conf and...
UBUNTU-CVE-2022-49819
In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox init errors, it did not free oct-conf and iounmap oct-mmioi.hwaddr. That would trigger memory leak problem. Add kfree for oct-conf and...
CVE-2022-49819 octeon_ep: fix potential memory leak in octep_device_setup()
In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox init errors, it did not free oct-conf and iounmap oct-mmioi.hwaddr. That would trigger memory leak problem. Add kfree for oct-conf and...
CVE-2022-49819
CVE-2022-49819 concerns the Linux kernel. The issue in octeon_ep has a potential memory leak in octep_device_setup on failures of unsupported_dev or mbox init, where oct->conf was not freed and oct->mmio[i].hw_addr was not unmapped. The fix frees oct->conf with kfree() and unmaps oct->...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unfree memory in octepdevicesetup, which could lead to a memory leak...
SUSE CVE-2022-49549
In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...
CVE-2023-52796 ipvlan: add ipvlan_route_v6_outbound() helper
In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlanprocessv6outbound by moving the flowi6 struct used for the route lookup in an non...
CVE-2021-47400 net: hns3: do not allow call hns3_nic_net_open repeatedly
In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...
CVE-2024-26872
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...
CVE-2023-35836
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...
PT-2024-12513 · Solax · Solax Pocket Wifi
Name of the Vulnerable Software and Affected Versions: SolaX Pocket WiFi versions 3 through 3.001.02 Description: An issue allows an attacker within RF range to obtain a cleartext copy of the network configuration, including the Wi-Fi PSK, during device setup and reconfiguration. This enables the...
CVE-2023-35836
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...