Lucene search
K

86 matches found

OSV
OSV
added 2025/09/15 3:15 p.m.3 views

DEBIAN-CVE-2022-50330

In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we tr...

5.5CVSS5.5AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/15 2:49 p.m.5 views

CVE-2022-50330 crypto: cavium - prevent integer overflow loading firmware

In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we tr...

0.00146EPSS
Exploits0References8
CVE
CVE
added 2025/09/15 2:49 p.m.23 views

CVE-2022-50330

CVE-2022-50330: In the Linux kernel, the cavium crypto path has an overflow when loading firmware. The overflow arises from the code_length value sourced from the firmware file; multiplying ntohl(ucode->code_length) by 2 can overflow, potentially enabling local impact per the advisory. The des...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/09/15 2:49 p.m.6 views

CVE-2022-50330 crypto: cavium - prevent integer overflow loading firmware

In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we tr...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/09/15 2:45 p.m.14 views

CVE-2022-50297 wifi: ath9k: verify the expected usb_endpoints are present

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usbendpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. In this case there was an interrupt endpoint where the driver expected a bu...

0.00149EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.11 views

PT-2025-37632

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the crypto/cavium module where an integer overflow can occur when loading firmware. The code length value, sourced from the firmware file, is used in ...

7.8CVSS6.8AI score0.21314EPSS
Exploits5References1033
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: rp2: use 'requestfirmware' instead of 'requestfirmwarenowait' In 'rp2probe', the driver registers 'rp2uartinterrupt' then calls 'rp2fwcb' through...

5.5CVSS6.7AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2025/07/25 3:15 p.m.4 views

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

5.5CVSS0.0017EPSS
Exploits0References10
OSV
OSV
added 2025/07/25 3:15 p.m.4 views

UBUNTU-CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References42
OSV
OSV
added 2025/07/25 2:16 p.m.3 views

CVE-2025-38420 wifi: carl9170: do not ping device which has failed to load firmware

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

5.5CVSS6AI score0.0017EPSS
Exploits0References13
CVE
CVE
added 2025/07/25 2:16 p.m.83 views

CVE-2025-38420

CVE-2025-38420 ffecting the Linux kernel’s wifi Carl9170 driver. The issue occurs when the device that failed firmware loading is pinged; since ieee80211_register_hw() fails, the internal workqueue created by ieee80211_queue_work() is not yet present, causing a null pointer dereference if a queue...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References10Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 9:26 p.m.10 views

CVE-2021-30066

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification for a USB stick can be bypassed. NOTE: this issue exists because of an...

7.2CVSS7.2AI score0.00273EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: wifi: rtw88: always wait for both firmware loading attempts

A use-after-free flaw was found in the Linux kernel's mac80211-based wireless driver when firmware loading fails. This issue could allow a local user to crash the system as result of driver failure on an error path during power on...

7.8CVSS6.8AI score0.00246EPSS
Exploits0References5
OSV
OSV
added 2025/05/01 3:16 p.m.2 views

DEBIAN-CVE-2022-49881

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in queryregdbfile In the function queryregdbfile the alpha2 parameter is duplicated using kmemdup and subsequently freed in regdbfwcb. However, requestfirmwarenowait can fail without calling...

5.5CVSS5.5AI score0.00166EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-21784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function...

5.5CVSS5.7AI score0.00193EPSS
Exploits0References2
NVD
NVD
added 2025/02/27 3:15 a.m.12 views

CVE-2025-21784

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...

5.5CVSS0.00193EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/02/27 2:18 a.m.7 views

CVE-2025-21784

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...

5.5CVSS5.6AI score0.00193EPSS
Exploits0
CVE
CVE
added 2025/02/27 2:18 a.m.117 views

CVE-2025-21784

CVE-2025-21784 affects the Linux kernel’s drm/amdgpu path. The vulnerability arises in psp_init_cap_microcode() where the code must bail out on firmware load failure to avoid invalid memory access. The connected Astra Linux bulletin reiterates this fix for psp_init_cap_microcode(). The practical ...

5.5CVSS6.5AI score0.00193EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – added a proper sanity check for endpoints. Syzkaller reports that a warning was triggered due to the presence of an incorrect endpoint type during the URB processing stage. Although a check was performed for a...

5.5CVSS6.2AI score0.00254EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw88 – Always wait for both firmware loading attempts. In rtwwaitfirmwarecompletion, always wait for both regular and wowlan firmware loading attempts. Otherwise, if rtwusbintfinit fails in rtwusbprobe, rtwusbdisconnect ma...

7.8CVSS6.1AI score0.00246EPSS
Exploits0References3
Rows per page
Query Builder