Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Calls boot services in mixed mode on the firmware’s stack Normally, the EFI stub calls into EFI boot services using the stack that was active when the stub was invoked. According to the UEFI specification, this stack...

EUVD-2023-35642

Malicious code in bioql PyPI...

x86/efistub: Call mixed mode boot services on the firmware's stack

...

CVE-2019-13582

An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution...

CVE-2024-35803

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to b...

DEBIAN-CVE-2024-35803

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to b...

UBUNTU-CVE-2024-35803

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to b...

CVE-2024-35803

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to b...

CVE-2024-35803

CVE-2024-35803 affects the Linux kernel, specifically the x86 efistub in mixed-mode boot handling. The root cause is that EFI boot service calls were made using the decompressor’s 16k boot stack during 32‑bit firmware entry paths, while EFI boot services require a larger (128k) stack. This mismat...

CVE-2023-50585

Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function...

CVE-2023-43203

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function updateusers...

PT-2023-4220 · Tenda · Tenda Fh1202 +1

Name of the Vulnerable Software and Affected Versions: Tenda AC1206 version 15.03.06.23 Tenda F1202 version 1.2.0.20408 Tenda FH1202 version 1.2.0.20408 Description: The issue is related to a stack overflow in the page parameter in the fromSetIpBind function, which can allow a remote attacker to...

CVE-2023-24132

Jensen of Scandinavia Eagle 1200AC V15.03.06.33en was discovered to contain a stack overflow via the wepkey35g parameter at /goform/WifiBasicSet...

CVE-2022-25418

Tenda AC9 V15.03.2.21cn was discovered to contain a stack overflow via the function openSchedWifi...

Dell BIOSConnect信任管理问题漏洞

DELL Dell BIOSConnect is an underlying platform from Dell USA that enables BIOS to connect to Dell's HTTP backend and load images via the HTTP method. A trust management issue vulnerability exists in the Dell BIOSConnect feature and Dell HTTPS Boot feature that stems from an incorrect certificate...