67 matches found
[SECURITY] [DLA 3244-1] linux-5.10 security update
Debian LTS Advisory DLA-3244-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 20, 2022 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.158-2deb10u1 CVE ID : CVE-2021-3759 CVE-2022-3169 CVE-2022-3435 CVE-2022-3521 CVE-2022-3524 CVE-2022-3564...
CVE-2022-29279
Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...
PT-2022-19519 · Kernel · Kernel
Name of the Vulnerable Software and Affected Versions: Kernel 5.0 versions prior to 05.09.17 Kernel 5.1 versions prior to 05.17.17 Kernel 5.2 versions prior to 05.27.17 Kernel 5.3 versions prior to 05.36.17 Kernel 5.4 versions prior to 05.44.17 Kernel 5.5 versions prior to 05.52.17 Description: T...
PT-2022-21900 · Insyde · Sdhostdriver
Name of the Vulnerable Software and Affected Versions: SdHostDriver driver versions prior to kernel 5.2: 05.27.25 SdHostDriver driver versions prior to kernel 5.3: 05.36.25 SdHostDriver driver versions prior to kernel 5.4: 05.44.25 SdHostDriver driver versions prior to kernel 5.5: 05.52.25...
GSD-2022-1003206 drivers: usb: host: Fix deadlock in oxu_bus_suspend()
drivers: usb: host: Fix deadlock in oxubussuspend This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...
GSD-2022-1002897 drivers: usb: host: Fix deadlock in oxu_bus_suspend()
drivers: usb: host: Fix deadlock in oxubussuspend This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...
GSD-2021-1002240 usb: host: ohci-tmio: check return value after calling platform_get_resource()
usb: host: ohci-tmio: check return value after calling platformgetresource This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.256 by commit...
AZL-6588 CVE-2021-38204 affecting package kernel for versions less than 5.10.78.1-1
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service use-after-free and panic by removing a MAX-3421 USB device in certain situations...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable due to a use-after-release and crash flaw in drivers/usb/host/max3421 hcd.c. In some cases, by removing the MAX-3421 USB device, an attacker can exploit the vulnerability to...
VMSA-2020-0023 : VMware ESXi, Workstation, Fusion and NSX-T updates address multiple security vulnerabilities
a. ESXi OpenSLP remote code execution vulnerability CVE-2020-3992 OpenSLP as used in ESXi has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remo...
VMware ESXi, Workstation, Fusion and NSX-T updates address multiple security vulnerabilities (CVE-2020-3981, CVE-2020-3982, CVE-2020-3992, CVE-2020-3993, CVE-2020-3994, CVE-2020-3995)
3a. ESXi OpenSLP remote code execution vulnerability CVE-2020-3992 OpenSLP as used in ESXi has a use-after-free issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. 3b. NSX-T MITM vulnerability CVE-2020-3993 VMware...
CVE-2020-5983
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of...
CVE-2020-5983
CVE-2020-5983 affects NVIDIA’s vGPU software: a vulnerability in the vGPU plugin and host driver kernel module can allow writing beyond the frame buffer memory boundary for guest OSes, potentially causing denial of service or information disclosure. Affected vGPU versions are 8.x (before 8.5), 10...
CVE-2020-5983
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of...
CVE-2019-10623
Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in...
Integer overflow
Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in...
CVE-2019-10623
Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in...
CVE-2019-10623
CVE-2019-10623: A possible integer overflow in the host driver when processing a user-controlled string due to improper validation affects multiple Snapdragon components (Auto, Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile; listed devices/SoCs include QCN7605, Q...
CVE-2018-11947
The txrx stats req might be double freed in the pdev detach when the host driver is unloading in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...
CVE-2018-11947
The txrx stats req might be double freed in the pdev detach when the host driver is unloading in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...