22 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Do not block the input queue by waiting for the MSC response. Currently, the gsmqueue function processes incoming frames. When opening a DLC channel, it calls gsmdlciopen, which in turn calls gsmmodemupdate. If the bas...
CVE-2025-40071
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...
CVE-2025-40071 tty: n_gsm: Don't block input queue by waiting MSC
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the gsmmodemupdviamsc function potentially blocking the input queue when processing basic mode, which could...
EUVD-2024-19719
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-22123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog CVE-2022-50865 In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123 Zabbix Arbitrary File Read
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123 Zabbix Arbitrary File Read
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbixserver will try to communicate with it as modem. As a result, log file will be broken with AT commands and...
CVE-2024-22123
CVE-2024-22123 affects Zabbix server on Linux where SMS media can point to a GSM modem file. The underlying issue is that Linux treats everything as a file, allowing an attacker to replace the modem file with another file (e.g., a log file). Zabbix server may then attempt to communicate with that...
PT-2024-6100 · Zabbix +4 · Zabbix +4
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to incorrect code generation control in the Zabbix monitoring system. It allows a remote attacker to execute arbitrary code. Setting SMS media allows configuring a GSM...
DEBIAN-CVE-2023-52872
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix race condition in status line change on dead connections gsmcleanupmux cleans up the gsm by closing all DLCIs, stopping all timers, removing the virtual tty devices and clearing the data queues. This procedure,...
SUSE CVE-2023-31082
An issue was discovered in drivers/tty/ngsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmldwrite, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability...
Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could... This is...
ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability
Summary An exploitable Stack Based Buffer Overflow vulnerability exists in ZTE MF971R LTE router version wainnerversion:BDPLKPLMF971R1V1.0.0B06. A specially-crafted HTTP request can cause a stack-based buffer overflow and leads to remote code execution. An attacker needs to provide a URL to the...