56 matches found
CVE-2024-54085
AMI MegaRAC SPx BMC contains an authentication bypass via the Redfish Host Interface that allows remote attackers to bypass authentication. This affects SPx products, with CVSS data indicating CRITICAL impact (NVD CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8) and (CVSS 4.0: AV:N/AC:L/A...
CVE-2024-54085 Redfish Authentication Bypass
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...
CVE-2024-54085
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. Recent assessments: Assessed Attacker Value...
UBUNTU-CVE-2024-56689
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' If platformgetresourcebyname fails and returns NULL because DT lacks an 'mmio' property for the MHI endpoint, dereferencing res-start will cause a NULL pointer...
Vulnerabilities of components of the Linux operating system’s kernel, such as IB/hfi1, that allow a hacker to trigger a service failure
The vulnerability of the IB/hfi1 components of the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
ARM Mbed OS 安全漏洞
ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things from ARM UK. A security vulnerability exists in ARM Mbed OS version 6.16.0, which originates when processing HCI packets, where the software dynamically determines the length of the packet data by...
The vulnerability of the mhi component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mhi component in the Linux operating system’s kernel is related to the bypassing of a lock mechanism before entering the buffer queue. Exploiting this vulnerability can allow an attacker to cause a service failure...
OESA-2024-2010 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces...
OESA-2024-2012 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces...
OESA-2024-2011 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces...
CVE-2022-48866
In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmasterinterrupts Syzbot reported an slab-out-of-bounds Read in thrustmasterprobe bug. The root case is in missing validation check of actual number of endpoints. Code should not blindl...
PT-2024-11290 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, where the MHI Mobile Host Interface core does not properly validate channel IDs when processing command completions. This could lead to out-of-boun...
Updated libvirt packages fix security vulnerability
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...
Oracle Linux 9 : libvirt (ELSA-2024-2236)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2236 advisory. - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' CVE-2023-3750, rhbz2221851 Tenable has extracted the preceding description block...
USN-6734-1 libvirt vulnerabilities
Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. CVE-2024-1441 It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker cou...
USN-6701-4 linux-azure vulnerabilities
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...
NULL Pointer Dereference
Libvirt is vulnerable to NULL pointer dereference. The vulnerability is caused by a race condition due to the simultaneous detachment of a host interface while collecting the list of interfaces using the virConnectListAllInterfaces API. This race condition leads to a situation where the path...
DEBIAN-CVE-2024-2496
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...
CVE-2024-2496
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...
SUSE CVE-2024-2496
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...