CVE-2022-3077

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. This flaw could allow a local user to crash the system...

CVE-2022-3077

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. This flaw could allow a local user to crash the system...

Buffer overflow

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. This flaw could allow a local user to crash the system...

CVE-2022-3077

CVE-2022-3077 : A buffer overflow vulnerability in the Linux kernel Intel iSMT SMBus host controller driver, exposed via I2C_SMBUS (I2C_SMBUS_BLOCK_PROC_CALL) with malicious input. Local users can crash the system. Documents consistently reference this CVE in multiple advisories/plugins (e.g., Mi...

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5602-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5602-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...

USN-5594-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds memory access vulnerability found in Intel's iSMT SMBus host controller driver, which can...

QEMU 安全漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A security vulnerability exists in QEMU's USB xHCI controller that stems from the presence of an infinite loop flaw. An attacker could exploit...

wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where the host-controller tries to reconnect in a loop, generating new connections that are not properly closed while unable to connect to the domain controller. This flaw allows an attacker to cause an Out of memory OOM...

CVE-2022-28613

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is en-abled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot. The...

Debian: Security Advisory (DSA-5095-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: double free in bluetooth subsystem when the HCI device initialization fails

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system...

VMware ESXi 竞争条件问题漏洞

Vmware VMware ESXi is a server virtualization platform from Vmware that can be installed directly on physical servers. A Competing Conditions Issue vulnerability exists in VMware ESXi, which stems from a double fetch vulnerability in the product's UHCI USB controller. A remote user with...

OESA-2022-1484 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic.CVE-2021-43976 In bpfskbchangehead...

PT-2025-8064

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel's Bluetooth handling has been identified, specifically in the hci sync function. The problem occurs when the HCI UNREGISTER flag is set, which indicates that...

kernel: use-after-free in function hci_sock_bound_ioctl()

A flaw use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hciunregisterdev together with one of the calls hcisockblacklistadd, hcisockblacklistdel, hcigetconninfo,...

kernel: use-after-free in function hci_sock_bound_ioctl()

A flaw use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hciunregisterdev together with one of the calls hcisockblacklistadd, hcisockblacklistdel, hcigetconninfo,...

The vulnerability of the drivers/usb/host/max3421-hcd.c component of the Linux operating system’s kernel lies in the use of memory after it is freed, allowing an attacker to trigger a service failure.

The vulnerability of the Linux operating system’s driver/usb/host/max3421-hcd.c component is related to the use of memory after it has been freed. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

kernel: race condition for removal of the HCI controller

A flaw was found in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to...

kernel: race condition for removal of the HCI controller

A flaw was found in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to...