CVE-2026-46250

A flaw was found in the Linux kernel, specifically affecting the MIPS architecture when compiled with LLVM. This vulnerability occurs because LLVM incorrectly restores the $gp register, which is used as a global register variable, after it has been intentionally modified during kernel relocation...

CVE-2026-46250

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

CVE-2023-48194

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...

CVE-2023-48194

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...

CVE-2023-48194

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...

CVE-2023-48194

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...

CVE-2023-48194

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...

CVE-2023-48194

CVE-2023-48194 affects Tenda AC8v4 firmware .V16.03.34.09. The vulnerability stems from an sscanf issue where the last digit of s8 can be overwritten with a null byte, enabling after set_client_qos a condition in which control over the gp register may be obtained. Connected sources corroborate th...