226 matches found
CVE-2024-56434
UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device...
CVE-2024-56434
UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device...
CVE-2024-56434
CVE-2024-56434 describes a Use-After-Free (UAF) vulnerability in Huawei HarmonyOS’s device node access module. The underlying issue is a memory misreference within the module, which can lead to device service exceptions if exploited. Reported impact notes from multiple sources align on potential ...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS device node access module, which can be exploited by an attacker to cause a device service...
PT-2025-3278 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: Device node access module affected versions not specified Description: The issue concerns a Use After Free UAF vulnerability in the device node access module. Successful exploitation of this vulnerability may cause service exceptions of the...
DEBIAN-CVE-2024-53075
In the Linux kernel, the following vulnerability has been resolved: riscv: Prevent a bad reference count on CPU nodes When populating cache leaves we previously fetched the CPU device node at the very beginning. But when ACPI is enabled we go through a specific branch which returns early and does...
CVE-2024-50012
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function...
DEBIAN-CVE-2024-50012
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function...
UBUNTU-CVE-2024-50012
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function...
CVE-2024-50012 cpufreq: Avoid a bad reference count on CPU node
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function...
CVE-2024-50012 cpufreq: Avoid a bad reference count on CPU node
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function...
CVE-2024-50012 cpufreq: Avoid a bad reference count on CPU node
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly managing device node reference counts...
CVE-2024-41024
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Restrict untrusted app to attach to privileged PD Untrusted application with access to only non-secure fastrpc device node can attach to rootpd or static PDs if it can make the respective init request. This can cau...
DEBIAN-CVE-2024-40991
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix ofk3udmaglueparsechnbyid The ofk3udmaglueparsechnbyid helper function erroneously invokes "ofnodeput" on the "udmaxnp" device-node passed to it, without having incremented its reference count at a...
PT-2024-29196 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the of k3 udma glue parse chn by id helper function in the Linux kernel, which erroneously invokes of node put on the udmax np device-node without having...
SUSE CVE-2023-52650
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for offinddevicebynode Add check for the return value of offinddevicebynode and return the error if it fails in order to avoid NULL pointer dereference...
CVE-2022-23086
Handlers for CFGPAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Users with access to the mpr, mps or mpt device node may...
CVE-2022-23086 mpr/mps/mpt driver ioctl heap out-of-bounds write
Handlers for CFGPAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Users with access to the mpr, mps or mpt device node may...
DEBIAN-CVE-2021-3923
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...