PT-2025-20945 · Microsoft · Windows Trusted Runtime Interface Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Trusted Runtime Interface Driver affected versions not specified Description: The issue involves the use of an uninitialized resource in the Windows Trusted Runtime Interface Driver, allowing an authorized attacker to disclose...

USN-7449-2 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

Linux Distros Unpatched Vulnerability : CVE-2024-39507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at...

SUSE CVE-2022-49298

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in r871xudrvinit When 'tmpU1b' returns from r8712read8padapter, EE9346CR is 0, 'mac6' will not be initialized. BUG: KMSAN: uninit-value in r871xudrvinit+0x2d54/0x3070...

OESA-2024-2107 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in ibmvnicopen If ibmvnicopen encounters an error such as when setting link state, it calls releaseresources which frees the napi...

Samsung Mobile Devices Out-of-Bounds Read Vulnerability

Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in setskbpriv, leading to remote code execution by dereference of an invalid function pointer...

kernel: ibmvnic: free reset-work-item when flushing

A memory leak flaw was found in the Linux kernel’s IBM Virtual Network Interface Controller ibmvnic driver. This issue involved not properly freeing memory associated with a reset work item when the reset work queue is flushed, causing the reset-work-item not to be deallocated. This flaw allows a...

CVE-2022-21773

In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641388; Issue ID: ALPS06641388...

Intel NUC 访问控制错误漏洞

The Intel NUC is a small minicomputer from Intel USA. An Access Control Error vulnerability exists in the Intel NUC 11 Gen Intel Serial IO driver, which stems from a default privilege management error in the product's installer. An attacker could use this vulnerability to cause a denial of servic...

CVE-2021-25488

Lack of boundary checking of a buffer in recvdata of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read...

CVE-2021-25489

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic...

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...

Design/Logic Flaw

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...

CVE-2021-25489

The CVE-2021-25489 issue affects Samsung Mobile Devices, caused by improper input validation in the modem interface driver, triggering a format-string error that can cause a kernel panic. Affected are Samsung Mobile Devices prior to SMR Oct-2021 Release 1. The root cause is missing input validati...

CVE-2021-25488

The CVE-2021-25488 issue affects Samsung devices via the modem interface driver’s recv_data() function. The root cause is a missing boundary check in the buffer handling, before the SMR Oct-2021 Release 1 patch, which permits an out-of-bounds (OOB) read. The vulnerability is documented across mul...

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung cell phone applications. A security vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which stems from a missing buffer boundary check in recvdata of the modem interface driver,...

PT-2021-16677 · Samsung · Samsung Mobile Devices

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR Oct-2021 Release 1 Description: The issue is related to a lack of boundary checking of a buffer in the set skb priv function of the modem interface driver. This allows an out-of-bounds read, which...

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

LSN-0068-1: Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...