SUSE CVE-2024-58006

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

UBUNTU-CVE-2024-58006

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

CVE-2024-58006 PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

Siemens InsydeH2O Improper Input Validation (CVE-2023-27373)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM. Insyde BIOS is typically used in RUGGEDCOM APE products and some SIMATIC...

CVE-2023-27373

CVE-2023-27373 affects InsydeH2O BIOS (kernel 5.0–5.5). The issue arises from insufficient input validation, allowing an attacker with local access to tamper with a runtime EFI variable and cause a dynamic BAR setting to overlap SMRAM. Connected advisories confirm this family of vulnerabilities a...

CVE-2023-27373

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM...