Lucene search
K

86 matches found

OSV
OSV
added 2023/07/20 1:15 a.m.1 views

DEBIAN-CVE-2022-28737

There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...

7.8CVSS7.6AI score0.00332EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/03/23 4:11 a.m.1 views

SUSE CVE-2022-40540

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel...

8.4CVSS7.3AI score0.00166EPSS
Exploits0References3
NVD
NVD
added 2023/03/10 9:15 p.m.36 views

CVE-2022-40540

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel...

8.4CVSS8.6AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2023/03/07 4:43 a.m.148 views

CVE-2022-40540

CVE-2022-40540 targets the Linux kernel, specifically a memory corruption flaw in the Qualcomm mdt loader. The issue arises from a buffer copy during firmware loading in qcom_mdt_read_metadata within drivers/soc/qcom/mdt_loader.c, where input size is not properly validated. The Red Hat security e...

8.4CVSS8.1AI score0.00166EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/07 4:43 a.m.37 views

CVE-2022-40540 Buffer copy without checking the size of input in Linux Kernel

Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel...

8.4CVSS8.8AI score0.00166EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/05 12:0 a.m.5 views

PT-2022-6528 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a buffer copy without checking the size of input, which can lead to memory corruption. This can occur while loading firmware in the Linux Kernel. The exploitati...

8.4CVSS7.5AI score0.00166EPSS
Exploits0References9
OSV
OSV
added 2022/11/14 7:31 p.m.6 views

GSD-2022-1007395 crypto: cavium - prevent integer overflow loading firmware

crypto: cavium - prevent integer overflow loading firmware This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...

7.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-35838 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue concerns an integer overflow when loading firmware, specifically affecting the crypto component related to Cavium. This problem was introduced in version v4.11 and is resolved in...

7.5AI score
Exploits0References1
OSV
OSV
added 2022/07/14 8:15 p.m.3 views

CVE-2021-26382

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...

4.4CVSS5.8AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2022/07/13 9:15 p.m.4 views

CVE-2022-34763

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon...

7.5CVSS5.8AI score0.00273EPSS
Exploits0References1
NVD
NVD
added 2022/07/13 9:15 p.m.23 views

CVE-2022-34762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...

7.5CVSS0.00666EPSS
Exploits0References1
OSV
OSV
added 2022/07/13 9:15 p.m.4 views

CVE-2022-34762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...

7.5CVSS5.8AI score0.00666EPSS
Exploits0References1
Prion
Prion
added 2022/07/13 9:15 p.m.19 views

Path traversal

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...

5CVSS7.4AI score0.00666EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2022/07/13 9:11 p.m.17 views

CVE-2022-34765

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication...

5.5CVSS5.7AI score0.00527EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 11:0 a.m.4 views

CVE-2022-34765

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication...

5.5CVSS5.9AI score0.00527EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.7 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software, related to security mechanism failures, allows a intruder to cause a service failure.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to security mechanism errors. Exploiting this vulnerability allows a malicious actor to cause service failure by loading arbitrary firmware files remotely...

7.8CVSS7.5AI score0.00895EPSS
Exploits0References7Affected Software9
RedHat Linux
RedHat Linux
added 2020/06/11 9:37 p.m.9 views

kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service

A flaw was found in the Linux kernel’s implementation of Extended Display Identification Data EDID technology. A firmware identifier string is duplicated with the kstrdup function, and the allocation may fail under very low memory conditions. An attacker could abuse this flaw by causing a Denial ...

5.5CVSS7AI score0.0046EPSS
Exploits0References4
CNVD
CNVD
added 2020/03/25 12:0 a.m.2 views

Samsung Mobile Device Data Forgery Issue Vulnerability

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. Samsung mobile devices are vulnerable to a data forgery issue that can be exploited by attackers to load malicious firmware...

7.5CVSS6.6AI score0.00228EPSS
Exploits0References1
Prion
Prion
added 2018/03/16 10:29 p.m.18 views

Race condition

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs...

4.4CVSS7.1AI score0.00135EPSS
Exploits0References2
Mageia
Mageia
added 2018/01/13 2:28 p.m.80 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.13 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KPTI. Note that according to AMD, this issue does not...

6.5CVSS7.4AI score0.93838EPSS
Exploits13References6
Rows per page
Query Builder