53 matches found
CVE-2026-43353
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...
CVE-2025-71285
A flaw was found in the Linux kernel's qrtr driver. A race condition in the Modem Host Interface MHI autoqueue feature for Inter-Processor Communication Router IPCR downlink channels can lead to a NULL pointer dereference. This occurs because a callback function may be invoked before the qrtr...
CVE-2025-71285
Summary of the CVE-2025-71285 cluster: The Linux kernel’s net/qrtr MHI auto_queue feature for IPCR DL channels is being removed. The race occurs when the MHI stack can call the DL path callback before the QRTR client driver is fully initialized, risking NULL pointer dereferences. The fix disables...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove the WQMEMRECLAIM flag from the state workqueue. A recent change created a dedicated workqueue for the state-change work, with WQHIGHPRI and WQMEMRECLAIM flags. However, the state-change work...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Fixed a race condition between unprepare and queuebuf. A client driver may use mhiunpreparefromtransfer to quiesce incoming data during the client driver’s tear-down process. The client driver might also be...
Astra Linux - уязвимость в libvirt
A NULL pointer dereference flaw was discovered in the udevConnectListAllInterfaces function within libvirt. This issue can occur when detaching a host interface while simultaneously collecting the list of interfaces using the virConnectListAllInterfaces API. This flaw could be exploited to carry...
CVE-2023-54249
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
CVE-2023-54249 bus: mhi: ep: Only send -ENOTCONN status if client driver is available
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992252)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992252 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer...
CentOS 9 : kernel-5.14.0-632.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-632.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a...
CVE-2023-53598 bus: mhi: host: Range check CHDBOFF and ERDBOFF
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address might be computed which later causes a kernel panic...
EUVD-2022-55315
Malicious code in bioql PyPI...
CVE-2022-50418 wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: mhi: fix potential memory leak in ath11kmhiregister mhialloccontroller allocates a memory space for mhictrl. When gets some error, mhictrl should be freed with mhifreecontroller. But when ath11kmhireadaddrfromdt...
AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability
AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
VulnCheck KEV: CVE-2024-54085
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
CVE-2022-49866 net: wwan: mhi: fix memory leak in mhi_mbim_dellink
In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: fix memory leak in mhimbimdellink MHI driver registers network device without setting the needsfreenetdev flag, and does NOT call freenetdev when unregisters network device, which causes a memory leak. This patch...
AMI Security Advisory AMI-SA-2025003 (CVE-2024-54084,CVE-2024-54085)
Brocade is aware of AMI Security Advisory AMI-SA202503 disclosing CVE-2024-54084, CVE-2024-54085. CVE-2024-54084 APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may...
CVE-2024-54085
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
CVE-2024-54085
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
CVE-2024-54085
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...