280 matches found
CVE-2024-26990
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...
QEMU: improper IDE controller reset can lead to MBR overwrite
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
SUSE CVE-2021-47187
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...
CVE-2021-47187
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...
UBUNTU-CVE-2021-47187
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...
CVE-2021-47187 arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...
CVE-2021-47187
CVE-2021-47187 concerns arm64: dts: qcom: msm8998 in the Linux kernel. The issue was a miscalculation of min-residency-us and conflicting idle-time parameters between CPU sleep and L2 power-collapse timings, which could cause SoC instability (random reboots/lockups) when CPU scaling is enabled. A...
CVE-2021-47187
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...
IdeaSoft To Launch an Innovative Perpetual DEX on INTMAX’s Open-source L2 Plasma Next
By Uzair Amir Building on Plasma Next would make the DEX as convenient as CEX for trading with low fees, slippage, and waiting period. This is a post from HackRead.com Read the original post: IdeaSoft To Launch an Innovative Perpetual DEX on INTMAX’s Open-source L2 Plasma Next...
[SECURITY] Fedora 40 Update: ovn-23.09.0-139.fc40
OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups...
Security Bulletin: Vulnerabilities in GSKit affect Content Manager Enterprise Edition (CVE-2015-7421)
Summary Vulnerabilities were discovered in GSKit. Content Manager Enterprise Edition uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-7421 DESCRIPTION: A vulnerability in GSKit could allow a remote attacker to obtain sensitive information. The internal ICC PRNG...
L1 TO L2 ERC20 TOKEN TRANSFER CAN BE DoS IN THE FxERC20ChildTunnel CONTRACT SINCE A MALICIOUS USER CAN SET THE fxRootTunnel ADDRESS TO AN INVALID ADDRESS
Lines of code Vulnerability details Impact The FxERC20ChildTunnel is a smart contract which is used for the L2 token management. The FxERC20ChildTunnel contract inherits from the FxBaseChildTunnel contract. The FxBaseChildTunnel contract has the validateSender modifier which requires the sender o...
In FxERC20RootTunnel, there is no option to get bridged tokens back in case the transaction can not be executed on L2
Lines of code Vulnerability details Impact If the transaction on L2 fails to be executed the tokens deposited on L1 will be lost since there is no way to recover them Proof of Concept When calling FxERC20RootTunnel:: withdraw the users deposits a certain amount of tokens to the bridge that he wan...
CVE-2023-0011
A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...
Input validation
A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...
CVE-2023-0011 Command Execution through Serial Interface of u-blox TOBY-L2
A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...
CVE-2023-0011 Command Execution through Serial Interface of u-blox TOBY-L2
A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...
CVE-2023-0011
CVE-2023-0011 affects the TOBY-L2 family (TOBY-L200/TOBY-L201/TOBY-L210/TOBY-L220/TOBY-L280). A flaw in input validation allows an attacker with physical access to the serial interface to execute arbitrary OS commands via crafted AT commands, granting root privileges, enabling reading system file...
PT-2023-15946 · Toby-L200 +4 · Toby-L200 +4
Name of the Vulnerable Software and Affected Versions: TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280 Description: A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This issue...
Medium: qemu
Issue Overview: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L...