59 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a resource leak in the firmwareloader module...
CLSA-2024-1731348593 kernel: Fix of 18 CVEs
mm: call the securitymmapfile LSM hook in remapfilepages CVE-2024-47745 - slip: make slhcremember more robust against malicious packets CVE-2024-50033 - drm/amdkfd: amdkfdfreegttmem clear the correct pointer CVE-2024-49991 - firmwareloader: Block path traversal CVE-2024-47742 - ext4: avoid OOB...
firmware_loader: Block path traversal
...
SUSE CVE-2024-47742
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
CVE-2024-47742
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
DEBIAN-CVE-2024-47742
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
AZL-50800 CVE-2024-47742 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
AZL-51027 CVE-2024-47742 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
UBUNTU-CVE-2024-47742
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
CVE-2024-47742 firmware_loader: Block path traversal
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
CVE-2024-47742 firmware_loader: Block path traversal
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
CVE-2024-47742
CVE-2024-47742 : Linux kernel firmware_loader path traversal vulnerability. Several code paths construct firmware filenames from device or userspace data (e.g., lpfc_sli4_request_firmware_update, nfp_net_fw_find, module_flash_fw_schedule). The issue arises when dynamic firmware names can include ...
Linux kernel 路径遍历漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of path traversal in the firmwareloader component...
PT-2024-32788
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to the firmware loader in the Linux kernel, where certain code paths construct firmware file names from string components passed through from devices or semi-privileged...
kernel: firmware_loader: Fix use-after-free during unregister
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix use-after-free during unregister In the following code within firmwareuploadunregister, the call to deviceunregister could result in the devrelease function freeing the fwuploadpriv structure before it is...
kernel: firmware_loader: Fix use-after-free during unregister
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix use-after-free during unregister In the following code within firmwareuploadunregister, the call to deviceunregister could result in the devrelease function freeing the fwuploadpriv structure before it is...
PT-2025-25877 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue has been identified in the Linux kernel's firmware loader. The problem occurs during the unregister process, where the device unregister call could result in the...
GSD-2022-1004973 firmware_loader: Fix memory leak in firmware upload
firmwareloader: Fix memory leak in firmware upload This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...
PT-2022-33233 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v5.19.7 Description: A use-after-free issue was discovered during the unregister process in the firmware loader. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...