38 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed NULL pointer dereferencing in eirgetservicedata. The len parameter is considered optional; therefore, it can be NULL. This prevents it from being used to skip to the next entry in EIRSERVICEDATA...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38304)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38304 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on...
SUSE-SU-2025:3716-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortname...
SUSE SLES12 Security Update : kernel (SUSE-SU-2025:03614-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03614-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
SUSE CVE-2022-50233
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...
AZL-70474 CVE-2022-50233 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...
DEBIAN-CVE-2022-50233
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...
UBUNTU-CVE-2022-50233
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...
CVE-2022-50233
CVE-2022-50233 (bluetooth: device name can cause reading kernel memory by not supplying terminal \0) affects SUSE Linux Enterprise Server 15 SP4 kernels (live patch stream). The SUSE advisories indicate this issue was fixed in multiple kernel live patches (e.g., SUSE-SU-2026:0163-1, 0166-1, 0168-...
CVE-2022-50233
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...
SUSE CVE-2025-38303
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...
DEBIAN-CVE-2025-38303
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...
AZL-64949 CVE-2025-38304 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...
AZL-64983 CVE-2025-38303 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...
UBUNTU-CVE-2025-38304
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...
UBUNTU-CVE-2025-38303
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...
CVE-2025-38304 Bluetooth: Fix NULL pointer deference on eir_get_service_data
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from eircreateadvdata not checking the buffer size, which could lead to a crash...
Eir’s D1000 Modem Is Wide Open To Being Hacked.
Background The Eir D1000 Modem has bugs that allow an attacker to gain full control of the modem from the Internet. The modem could then be used to hack into internal computers on the network, as a proxy host to hack other computers or even as a bot in a botnet. A port scan of the the modem...
Eir D1000 Arbitrary Command Execution Vulnerability
The Eir D1000 is a modem from Eir Ireland. A security vulnerability exists in the Eir D1000 modem that stems from the program failing to properly restrict the TR-064 protocol. A remote attacker can exploit the vulnerability to execute arbitrary commands on TCP port 7547...