11 matches found
CVE-2021-0607
In iaxxxcalci2sdiv of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
EUVD-2021-3226
Malicious code in bioql PyPI...
CVE-2024-29216
Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware...
CVE-2024-29216
The CVE-2024-29216 issue affects the Sangoma cg6kwin2k.sys driver (cg6kwin2k.sys) prior to version 2.1.7.0. A user without administrator privileges can send a crafted IOCTL, enabling I/O to arbitrary hardware ports or physical addresses and potentially erasing or altering firmware. Affected compo...
CVE-2024-29216
Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware...
Sangoma Technologies CG/MG family driver cg6kwin2k.sys vulnerable to insufficient access control on its IOCTL
Overview CG/MG family driver cg6kwin2k.sys provided by Sangoma Technologies is vulnerable to insufficient access control on its IOCTL CWE-782. Takahiro Haruyama of Broadcom Carbon Black reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact By sending a specifi...
CVE-2021-0607
In iaxxxcalci2sdiv of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Out-of-bounds
In iaxxxcalci2sdiv of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0607
CVE-2021-0607 affects the Android kernel in the Knowles IAXXX adnc driver. The issue is in iaxxx_calc_i2s_div (iaxxx-codec.c) where a missing bounds check on a hardware port write allows an attacker with local access to supply data that leads to local elevation of privilege. Exploitation requires...
CVE-2021-0607
In iaxxxcalci2sdiv of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
PUB-A-180950209
In iaxxxcalci2sdiv of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...