13 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300i2cconfigxfer' to ensure the data length isn't within the supported range. In particular a data length of 0 is not...
DEBIAN-CVE-2026-31627
In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2CSMBUSBLOCKMAX before processing it. This i...
CVE-2026-23197
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
Linux Distros Unpatched Vulnerability : CVE-2026-23197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the...
PT-2026-2551
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to out-of-bounds access within the dtv5100 i2c msg function. The rlen value, which is controlled by the user, is not properly validated before...
CVE-2023-54175 i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fix runtime PM leak on error path The xiicxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currently one error path wher...
kernel: i2c: i801: Don't generate an interrupt on bus reset
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunately, the interrupt...
DEBIAN-CVE-2022-48632
In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbfi2csmbusstarttransaction memcpy is called in a loop while 'operation-length' upper bound is not checked and 'dataidx' also increments...
SUSE CVE-2021-46934
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
SUSE CVE-2022-34835
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...
kernel: i2c: unbounded length leads to buffer overflow in ismt_access()
A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. In particular, the userspace controllable "data-block0" variable was not capped to a numbe...
UVI-2021-1000703 i2c: i801: Don't generate an interrupt on bus reset
i2c: i801: Don't generate an interrupt on bus reset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.271 by commit...
PT-2024-10831 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A reference leak issue has been resolved in the Linux kernel. The problem occurs in the i2c imx xfer and i2c imx remove functions, where the pm reference count is not expected to be...