Input validation

An improper input validation in SMCSRPMBWSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

Input validation

An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

Input validation

An improper boundary check in edenruntime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2022-23432

CVE-2022-23432 records an improper input validation in the SMC_SRPMB_WSM handler of RPMB ldfw, before SMR Feb-2022 Release 1, that allows arbitrary memory writes and code execution. Affected: RPMB ldfw/SMSC SRPMB WSM handler (pre-Release 1 Feb-2022). Impact: local attacker could corrupt memory an...

CVE-2022-23431

CVE-2022-23431 involves an improper boundary check in the RPMB ldfw component prior to SMR Feb-2022 Release 1, as described across multiple sources. The vulnerability allows arbitrary memory write and code execution. Relevant entries from NVD/Red Hat/NCSC-style advisories consistently reference t...

CVE-2022-23431

An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2022-23428

An improper boundary check in edenruntime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2022-23428

CVE-2022-23428 : An improper boundary check in the eden_runtime HAL service before SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. The vulnerability is documented across multiple sources (NVD, CNVD, Red Hat, etc.) and is associated with Google Android. Affected component:...

PT-2022-15990 · Rpmb · Rpmb

Name of the Vulnerable Software and Affected Versions: RPMB ldfw versions prior to SMR Feb-2022 Release 1 Description: The issue is related to improper input validation in the SMC SRPMB WSM handler of RPMB ldfw, allowing arbitrary memory write and code execution. Recommendations: For versions pri...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer error vulnerability exists in the kvms390guestsidaop of the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel, which could be exploited by a local...

AlmaLinux 8 : libldb (ALSA-2021:1197)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1197 advisory. - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of th...

USN-5275-1 bluez vulnerability

Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. CVE-2022-0204...

BlueZ 输入验证错误漏洞

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. An input validation error vulnerability exists in the BlueZ gatt server, which stems from a memory write operation being incorrectly processed on the gatt server...

PT-2022-1628 · Linux +10 · Linux Kernel +10

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17-rc4 Description: A flaw in the kvm s390 guest sida op function in KVM for s390 in the Linux kernel allows a local attacker with normal user privileges to obtain unauthorized memory write access. This issue ...

PT-2022-2006

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17-rc8 Description An out-of-bounds OOB memory write flaw exists in the watch queue event notification subsystem. This issue allows the overwriting of parts of the kernel state, which could enable a local user ...

The vulnerability of the web page rendering modules in WebKitGTK and WPE for Apple operating systems such as iPadOS, watchOS, iOS, tvOS, as well as in browsers like Safari, multimedia player iTunes, and iCloud service for Windows operating systems, allows a perpetrator to execute arbitrary code on the target system.

The vulnerability of the web page rendering modules in WebKitGTK and WPE for Apple’s iPadOS, watchOS, iOS, tvOS, Safari browser, multimedia player iTunes, and iCloud service for Windows operating systems is related to writing beyond the buffer limit in memory. Exploiting this vulnerability could...

UBUNTU-CVE-2022-21813

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service...

openSUSE: Security Advisory for xorg-x11-server (openSUSE-SU-2021:4136-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Mageia: Security Advisory (MGASA-2021-0035)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-12237 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions Midgard r26p0 through r30p0 Arm Mali GPU Kernel Driver versions Bifrost r0p0 through r34p0 Arm Mali GPU Kernel Driver versions Valhall r19p0 through r34p0 Description: The issue allows a non-privileged user...