45 matches found
CVE-2024-32633 Unsigned compared against 0
An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way...
CVE-2024-32633
CVE-2024-32633 describes a flaw where an unsigned value can never be negative, causing eMMC full-disk test evaluations to always yield the same result. Connected sources identify the Asrmicro ASR Series (ASR360x, ASR160x, ASR180x) as affected. The initial entry provides a CVSSv3.1 base score of 4...
CVE-2024-32633 Unsigned compared against 0
An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way...
Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1
Rapid7 was back this year at DEF CON 30 participating at the IoT Village with another hands-on hardware hacking exercise, with the goal of teaching attendees' various concepts and methods for IoT hacking. Over the years, these exercises have covered several different embedded device topics,...
Buffer overflow
Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking...
CVE-2021-1928
CVE-2021-1928 affects a range of Qualcomm Snapdragon devices where emmc flashing code performs an improper buffer size check, causing a buffer over-read. Root cause: incorrect bounds check during memory handling in the emmc flashing path. Impact stated in CVSS: partial confidentiality and partial...
CVE-2021-1928
Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking...
bpftool, kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2021:1071 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2020-13799
Western Digital has identified a security vulnerability in the Replay Protected Memory Block RPMB protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards bodies and is implemente...
CVE-2020-13799
CVE-2020-13799 describes a vulnerability in the Replay Protected Memory Block (RPMB) protocol used by storage interfaces (eMMC/UFS/NVMe). The issue arises when an attacker can affect the RPMB state without the knowledge of the trusted component that uses RPMB, across multiple standards, potential...
CVE-2020-13799
Western Digital has identified a security vulnerability in the Replay Protected Memory Block RPMB protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards bodies and is implemente...
CVE-2019-15027
The MediaTek Embedded Multimedia Card eMMC subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clearemmcnomediaentry in platform/mt6577/external/meta/emmc/metaclremmc.c...
Code injection
The MediaTek Embedded Multimedia Card eMMC subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clearemmcnomediaentry in platform/mt6577/external/meta/emmc/metaclremmc.c...
CVE-2019-15027
The CVE-2019-15027 issue affects the MediaTek Embedded Multimedia Card (eMMC) subsystem on Android devices with MT65xx, MT66xx, and MT8163 SoCs. The root cause is in clear_emmc_nomedia_entry (platform/mt6577/external/meta/emmc/meta_clr_emmc.c), which invokes system("/system/bin/rm -r /data/" + a ...
CVE-2019-15027
The MediaTek Embedded Multimedia Card eMMC subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clearemmcnomediaentry in platform/mt6577/external/meta/emmc/metaclremmc.c...
Buffer overflow
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC...
CVE-2015-9143
CVE-2015-9143 affects Android devices with Qualcomm Snapdragon platforms (including IPQ4019, MDM9xxx, MSM89x, SD family) prior to the 2018-04-05 security patch level. The issue is a buffer overflow that occurs when reading CDT from eMMC with a very large meta offset exceeding the default CDT-arra...
CVE-2017-14870
CVE-2017-14870 affects Android for MSM/CAF Linux-based Android (Android builds using CAF), specifically involving 1088 bytes of stack memory leakage during eMMC recovery message updates. The vulnerability is categorized as information disclosure with partial confidentiality impact and could be ex...
CVE-2017-14870
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked...
CVE-2014-9961
In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection...