572 matches found
Symmetricom SyncServer Unauthenticated - Remote Command Execution
Microchip Technology Microsemi SyncServer S650 was discovered to contain a command injection vulnerability. id: CVE-2022-40022 info: name: Symmetricom SyncServer Unauthenticated - Remote Command Execution author: DhiyaneshDK,mielverkerken severity: critical description: | Microchip Technology...
CVE-2026-10644
The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...
CVE-2026-10644
The CVE describes an out-of-bounds write in Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c) used by the PIC32CM-JH family. When uart_rx_enable() is called with a one-byte receive buffer (len == 1) and CONFIG_UART_MCHP_ASYNC is enabled, the RX-complete ISR starts a single-be...
CVE-2026-10644 Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer
The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...
CVE-2026-10644
The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Do not free uninitialized kszirq If there are issues during initialization, the kszirqfree function may be called on uninitialized kszirq values for example, when kszptpirqsetup fails. This can result in...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Net: DSA: Microchip: Kszcommon: Fixed the refcount leak bug. In kszswitchregister, we should call ofnodeput for the reference returned by ofgetchildbyname, which has increased the refcount...
clk: microchip: mpfs-ccc: fix out of bounds access during output registration
...
SUSE CVE-2026-46293
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...
CVE-2026-46293
A flaw was found in the Linux kernel's clock driver for Microchip PolarFire SoC MPFS systems. This vulnerability involves an out-of-bounds memory access that occurs during the registration of clock outputs. The issue stems from incorrect memory allocation within the driver, which can lead to syst...
UBUNTU-CVE-2026-46293
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...
CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...
CVE-2026-46293
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...
CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...
EUVD-2026-35159
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...
PT-2026-47365
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the mpfs-ccc clock driver during the registration of the last two outputs. This happens because the hws array is allocated space for two PLLs and their...
Linux Distros Unpatched Vulnerability : CVE-2026-46192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself...
SUSE CVE-2026-46192
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...
Linux Distros Unpatched Vulnerability : CVE-2026-46148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: microchip-core-qspi: control built-in cs manually The coreQSPI IP supports only a single chip select, which is automagically operated by the hardware - set...
CVE-2026-46148
A flaw was found in the Linux kernel's microchip-core-qspi driver. When multiple devices are connected to the QSPI controller, the built-in chip select CS was automatically set to an active state even when Linux attempted to access a device using a General Purpose Input/Output GPIO pin for its ch...