33 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failed retry when reading efuse in the wifi:rtlwifi subsystem...
PT-2024-35637
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12-rc5 Description A vulnerability in the Linux kernel has been resolved, related to the wifi: rtlwifi driver. The issue arises when the driver attempts to read efuse in case of failures, resulting in a hung...
DEBIAN-CVE-2024-27068
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvtsthermal: Fix a memory leak in an error handling path If devmkrealloc fails, then 'efuse' is leaking. So free it to avoid a leak...
UBUNTU-CVE-2024-27068
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvtsthermal: Fix a memory leak in an error handling path If devmkrealloc fails, then 'efuse' is leaking. So free it to avoid a leak...
CVE-2024-28183
ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...
CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack
ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...
CVE-2024-28183
CVE-2024-28183 describes a TOCTOU vulnerability in the ESP-IDF bootloader of Espressif SoCs. An attacker with physical access to device flash can bypass anti-rollback protection by altering flash contents after anti-rollback checks but before loading the application, enabling boot of partitions w...
CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack
ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...
CVE-2021-47065 rtw88: Fix array overrun in rtw_get_tx_power_params()
In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...
CVE-2022-45163
An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...
Information disclosure
An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...
CVE-2022-45163
An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...
CVE-2022-45163
CVE-2022-45163 describes an information-disclosure vulnerability on select NXP i.MX SDP-enabled devices. In security-enabled configurations, memory contents could be leaked to physically proximate attackers via the SDP port during cold or warm boots. Affected products include i.MX RT 1010, 1015, ...