13 matches found
CVE-2026-43357
A flaw was found in the iio: gyro: mpu3050-core driver of the Linux kernel. Incorrect error handling in the power management runtime functions allows the driver to attempt accessing hardware that may have failed to resume. This can lead to an unconditionally incremented device usage count,...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to use the correct counters, but, portnum is being passed down the stack...
EUVD-2022-54619
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usagecount for console handover When console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. Therefore, it will not call pmruntimegetsync. Later, when the actual...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect use of kfree instead of putdevice when rioaddnet fails, which could lead to reuse after releas...
CVE-2022-49613 serial: 8250: Fix PM usage_count for console handover
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usagecount for console handover When console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. Therefore, it will not call pmruntimegetsync. Later, when the actual...
kernel: RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device
An out-of-bounds write vulnerability exists in the linux kernel, such that when mlx5ibgethwstats is used forthe device portnum = 0, There is a special handling in order to use the correct counters, but, portnum is being passed down the stack without any change leading to damage in system...
UVI-2021-1001365 virtio_console: Assure used length from device is limited
virtioconsole: Assure used length from device is limited This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.198 by commit...
What Google learned from 1 billion evil email scams
Google and researchers at Stanford University have released an in-depth study analysing 5 months of phishing / malware mails sent globally. "Who is targeted by email-based phishing and malware? Measuring factors that differentiate risk" looked at more than a billion mails. The results were then f...
Italy CERT Warns of a New Credential Stealing Android Malware
Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed "Oscorp" by Italy's CERT-AGID and spotted by AddressIntel, the malware "induces the user to install an accessibility service wi...
Mobile Trends during the US Holiday Weekend
Over the past few years we've seen a tremendous growth in mobile traffic on the web. Because of this many of the most successful websites have invested in optimizing the experience of users on whatever device they use and however they connect to the internet. With mobile traffic now exceeding...
UBUNTU-CVE-2018-19409
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used...
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
Arbitrary file upload / remote code execution in ManageEngine Desktop Central / Desktop Central MSP Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Background on the affected product: "Deskt...
NOAA, Satellite Data, Riddled with Vulnerabilities
The informational systems that the National Oceanic and Atmospheric Administration NOAA run are fraught with vulnerabilities and what the U.S. Department of Commerce deems “significant security deficiencies” that could leave it vulnerable to cyber attacks. That’s according to the findings of an...