567 matches found
A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server
Overview A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework ASF that can lead to remote code execution. Description An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...
US Microchip Giant Hit by Cyberattack, Disrupting Operations
Microchip Technology hit by cyberattack, disrupting manufacturing operations. A major disruption to semiconductor production has been reported, impacting…...
CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
SUSE CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
DEBIAN-CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
UBUNTU-CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
CVE-2024-42279 spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
CVE-2024-42279
CVE-2024-42279 (Linux kernel) affects the spi/microchip-core interface. The issue occurs when transmitting with rx_len == 0: the RX FIFO is not emptied in the interrupt handler, causing a subsequent transfer to read stale data from the previous RX FIFO into the start RX buffer. The fix is to use ...
CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
CVE-2024-42279 spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
CVE-2024-42279 spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the microchip-core component to ensure that the TX and RX FIFOs are empty at the start of a...
CVE-2024-7490
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...
CVE-2024-7490
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...
CVE-2024-7490 Remote Code Execution in Advanced Software Framework DHCP server
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...
CVE-2024-7490 Remote Code Execution in Advanced Software Framework DHCP server
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...
CVE-2024-7490
The CVE-2024-7490 issue is a stack-based overflow in Microchip Advanced Software Framework’s tinydhcpserver implementation (lwip_dhcp_find_option) caused by improper input validation. Affects ASF through version 3.52.0.2574; no fixes in the ASF stack are provided, and Microchip states the framewo...
Microchip Advanced Software Framework 安全漏洞
Microchip Advanced Software Framework is a codebase for microprocessor embedded development from Microchip Corporation USA. The code base simplifies the use of microcontrollers by providing an abstraction of the hardware through drivers and high-value middleware. A security vulnerability exists i...