14 matches found
SUSE CVE-2026-31747
In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...
Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-39787)
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...
CVE-2025-39787
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...
CVE-2022-38873
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-366...
kernel: firmware: cs_dsp: Fix overflow checking of wmfw header
A vulnerability was found in the Linux kernel's firmware driver csdsp.c, where a buffer overflow is possible in the wmfw header due to insufficient buffer size checks. The issue stems from the size of one of the structs that the code checks, the wmfwadsp?sizes struct, which can vary depending on...
kernel: null pointer when load rlc firmware
A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC Run-Length Coding firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpuucoderequest,...
SUSE CVE-2024-41039
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...
DEBIAN-CVE-2024-41039
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...
SUSE CVE-2024-26649
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer when load rlc firmware If the RLC firmware is invalid because of wrong header size, the pointer to the rlc firmware is released in function amdgpuucoderequest. There will be a null pointer error i...
kernel: null pointer when load rlc firmware
A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC Run-Length Coding firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpuucoderequest,...
CVE-2022-38873
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-366...
D-Link DAP-2310和DAP-2330 安全漏洞
D-Link DAP-2310 and DAP-2330 are both products of China AUO D-Link.The DAP-2310 is a single-band wireless network access point for small businesses or schools that need a fast and reliable wireless network.The DAP-2330 is a wireless N300 single-band PoE access point. Provides reliable, high-speed...
Geovision Inc. IP CameraVideoAccess Control - Multiple Remote Command Execution Stack Overflow Double Free Unauthorized Access
Geovision Inc. IP CameraVideoAccess Control - Multiple Remote Command Execution Stack Overflow Double Free Unauthorized Access STX Subject: Geovision Inc. IP Camera/Video/Access Control Multiple Remote Command Execution - Multiple Stack Overflow - Double free - Unauthorized Access Attack vector:...