EUVD-2009-0091

Malware in sbrugna...

EUVD-2024-29817

Malicious code in bioql PyPI...

EUVD-2024-30784

Malicious code in bioql PyPI...

SUSE CVE-2025-38337

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2journaldirtymetadata Since handle-htransaction may be a NULL pointer, so we should change it to call ishandleabortedhandle first before dereferencing it. And the following data-race w...

CVE-2024-31957

A vulnerability was discovered in Samsung Mobile Processors Exynos 2200 and Exynos 2400 where they lack a check for the validation of native handles, which can result in a DoSDenial of Service attack by unmapping an invalid length...

CVE-2024-33039

Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service...

CVE-2024-33039

Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service...

CVE-2024-33039

CVE-2024-33039 concerns memory corruption in Qualcomm PAL components when a PAL client passes a random, unvalidated handle to PAL service APIs. The available sources consistently describe this as an unvalidated handle dereference that can lead to memory corruption, with the issue documented acros...

SUSE CVE-2024-42261

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handl...

CVE-2024-42260

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking...

CVE-2024-42261 drm/v3d: Validate passed in drm syncobj handles in the timestamp extension

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handl...

CVE-2024-42260 drm/v3d: Validate passed in drm syncobj handles in the performance extension

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking...

CVE-2024-42261 drm/v3d: Validate passed in drm syncobj handles in the timestamp extension

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handl...

CVE-2024-31959

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution...

Samsung Mobile Processor Security Vulnerability

SAMSUNG Mobile Processor is a family of mobile processors from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Mobile Processor that stems from a lack of checks for native handle validation, which could lead to code execution...

CVE-2024-31959

Summary: CVE-2024-31959 affects Samsung Mobile Processor Exynos 2200, Exynos 1480, and Exynos 2400. The root cause is a missing validation check for native handles, which can enable code execution. The CVSS data in the provided documents indicate a high severity impact with local attack vector an...

Samsung Mobile Processor Security Vulnerability

SAMSUNG Mobile Processor is a family of mobile processors from Samsung South Korea. A security vulnerability exists in Samsung Mobile Processor that stems from a lack of checks for native handle validation, which could lead to out-of-bounds writes...

CVE-2024-31958

CVE-2024-31958 affects Samsung Mobile Processor Exynos families 2200, 1480, and 2400. The issue is a lack of validation for native handles, which can lead to an Out-of-Bounds Write. Documents consistently describe the affected components and the root cause but do not provide concrete exploit deta...

Migration of Profiles can fail due to difference in handle validity in V1 and V2

Lines of code Vulnerability details Impact Profiles with certain type of handles in V1 cannot be migrated to V2. Proof of Concept In V1 and V2, the validity of handles is determined differently. Due to this it is possible that some profiles have handles that are valid according to V1 validation b...

Not all profiles can be migrated to V2 profile

Lines of code Vulnerability details Impact There seem to be some differences in the validation logic that makes the V1 to V2 conversion for some profiles impossible. Proof of Concept // SPDX-License-Identifier: UNLICENCED pragma solidity =0.8.4; contract HandleMigration uint256 internal constant...