FreeBSD : qemu -- denial of service vulnerability in USB EHCI emulation support (60cb2055-b1b8-11e5-9728-002590263bf5)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interfaceEHCI and a respective device driver. These two communicate via a isochronous...

qemu -- denial of service vulnerability in USB EHCI emulation support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interfaceEHCI and a respective device driver. These two communicate via a isochronous...

Ubuntu: Security Advisory (USN-2667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2664-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2664-1 advisory. A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative...

USN-2666-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

Apple MAC OS X Bluetooth HCI Interface Memory Corruption Vulnerability

Apple Mac OS X is a commercial operating system. A memory corruption vulnerability exists in Apple Mac OS X's handling of the Bluetooth HCI interface, which could allow an attacker to run a malicious application to execute arbitrary code...

(Mobile Pwn2Own) Google Android Bluetooth Forced Pairing Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Android. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Bluetooth application stack allowing for arbitrary Host Controller Interface comman...

UBUNTU-CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...

CVE-2013-5166

CVE-2013-5166 affects Apple Mac OS X before 10.9. The Bluetooth USB host controller prematurely deletes interfaces, enabling local users to cause a denial of service (system crash) via a crafted application. The Red Hat and NVD entries corroborate the same description. No details on patches or fi...

DEBIAN-CVE-2013-5717

The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service application crash via a crafted packet that is not properly handled by the wmemblockalloc function in...

PT-2013-4888 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.2.2 Description: The issue allows remote attackers to cause a denial of service, specifically memory consumption, via unspecified input that is converted to a symbol. This is related to the power and ipmi boot...

Kernel: Bluetooth: HCI & L2CAP information leaks

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

Kernel: Bluetooth: HCI & L2CAP information leaks

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

UBUNTU-CVE-2013-1574

The dissectbthcieiraddata function in epan/dissectors/packet-bthcicmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service infinite loop via a malform...

CVE-2007-6494

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to obtain login access via a request to hosting/addreseller.asp with a username in the reseller parameter, followed by a request to AdminSettings/displays.asp with the DecideAction and ChangeSkin parameters...

CVE-2007-6495

incnewuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the permissions of directories named 1 db, 2 www, 3 Special, and 4 log at arbitrary locations under the web root via a modified Dirroot parameter in an AddUser action to...

CVE-2026-3890

hcd-ohci: infinite loop...