Lucene search
K

10 matches found

RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.2 views

kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c

A flaw was found in the Linux kernel's implementation of GTCO tablet/digitizer's version of the parsehidreportdescriptor in drivers. An attacker with local access could use this flaw to create a specially crafted USB device inserted into the host to corrupt memory, trigger an out-of-bounds write...

6.8CVSS6.9AI score0.00817EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.3 views

kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c

A flaw was found in the Linux kernel's implementation of GTCO tablet/digitizer's version of the parsehidreportdescriptor in drivers. An attacker with local access could use this flaw to create a specially crafted USB device inserted into the host to corrupt memory, trigger an out-of-bounds write...

6.8CVSS6.9AI score0.00817EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.59 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4147-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4147-1 advisory. It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup TDLS. A physically...

9.4CVSS7.5AI score0.05189EPSS
Exploits11References19
OSV
OSV
added 2019/10/04 3:38 p.m.18 views

USN-4147-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup TDLS. A physically proximate attacker could use this to cause a denial of service Wi-Fi disconnect. CVE-2019-0136 It was discovered that the Bluetooth UART...

9.4CVSS6.8AI score0.05189EPSS
Exploits11References19
Cloud Foundry
Cloud Foundry
added 2019/09/30 12:0 a.m.67 views

USN-4115-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this ...

10CVSS8.6AI score0.05789EPSS
Exploits17
Ubuntu
Ubuntu
added 2019/09/11 5:29 a.m.228 views

USN-4115-2: Linux kernel regression

USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. We apologize for...

7.7AI score0.05789EPSS
Exploits17References1
Tenable Nessus
Tenable Nessus
added 2019/09/03 12:0 a.m.47 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4115-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4115-1 advisory. Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received...

10CVSS8AI score0.05789EPSS
Exploits17References29
Ubuntu
Ubuntu
added 2019/09/02 8:38 p.m.280 views

USN-4115-1: Linux kernel vulnerabilities

Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2018-19985 Zhipeng Xie discovered that an...

10CVSS7.6AI score0.05789EPSS
Exploits17
RedhatCVE
RedhatCVE
added 2019/07/18 6:51 a.m.55 views

CVE-2019-13631

A flaw was found in the Linux kernel's implementation of GTCO tablet/digitizer's version of the parsehidreportdescriptor in drivers. An attacker with local access could use this flaw to create a specially crafted USB device inserted into the host to corrupt memory, trigger an out-of-bounds write...

6.8CVSS2.9AI score0.00817EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.7 views

The vulnerability of the parse_hid_report_descriptor function (drivers/input/tablet/gtco.c) in the Linux operating system allows a hacker to trigger a service failure or exert other effects.

The vulnerability of the parsehidreportdescriptor function in the Linux kernel’s drivers/input/tablet/gtco.c file arises from a read operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service failures or other effects such as...

6.8CVSS7.1AI score0.00482EPSS
Exploits0References22Affected Software1
Rows per page
Query Builder