Lucene search
K

567 matches found

CERT
CERT
added 2024/09/19 12:0 a.m.22 views

A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

Overview A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework ASF that can lead to remote code execution. Description An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...

9.8CVSS9.6AI score0.01377EPSS
Exploits0References7
HackRead
HackRead
added 2024/08/22 12:15 p.m.7 views

US Microchip Giant Hit by Cyberattack, Disrupting Operations

Microchip Technology hit by cyberattack, disrupting manufacturing operations. A major disruption to semiconductor production has been reported, impacting…...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2024/08/19 3:16 p.m.25 views

CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.8CVSS6.8AI score0.00225EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/08/18 2:2 a.m.2 views

SUSE CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS7.1AI score0.00225EPSS
Exploits0References10
NVD
NVD
added 2024/08/17 9:15 a.m.21 views

CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS0.00225EPSS
Exploits0References3
OSV
OSV
added 2024/08/17 9:15 a.m.1 views

DEBIAN-CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS5.4AI score0.00225EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/17 9:15 a.m.11 views

CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References10
OSV
OSV
added 2024/08/17 9:15 a.m.1 views

UBUNTU-CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2024/08/17 9:8 a.m.16 views

CVE-2024-42279 spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

6.7AI score0.00225EPSS
Exploits0References3
CVE
CVE
added 2024/08/17 9:8 a.m.93 views

CVE-2024-42279

CVE-2024-42279 (Linux kernel) affects the spi/microchip-core interface. The issue occurs when transmitting with rx_len == 0: the RX FIFO is not emptied in the interrupt handler, causing a subsequent transfer to read stale data from the previous RX FIFO into the start RX buffer. The fix is to use ...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/08/17 9:8 a.m.14 views

CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS5.4AI score0.00225EPSS
Exploits0
Cvelist
Cvelist
added 2024/08/17 9:8 a.m.29 views

CVE-2024-42279 spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

0.00225EPSS
Exploits0References3
OSV
OSV
added 2024/08/17 9:8 a.m.13 views

CVE-2024-42279 spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/08/17 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the microchip-core component to ensure that the TX and RX FIFOs are empty at the start of a...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References5
NVD
NVD
added 2024/08/08 3:15 p.m.32 views

CVE-2024-7490

Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...

9.8CVSS0.01377EPSS
Exploits0References2
OSV
OSV
added 2024/08/08 3:15 p.m.3 views

CVE-2024-7490

Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...

9.8CVSS6.7AI score0.01377EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/08 3:1 p.m.26 views

CVE-2024-7490 Remote Code Execution in Advanced Software Framework DHCP server

Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...

9.5CVSS8AI score0.01377EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/08 3:1 p.m.35 views

CVE-2024-7490 Remote Code Execution in Advanced Software Framework DHCP server

Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwipdhcpfindoption. This issue affect...

9.5CVSS0.01377EPSS
Exploits0References1
CVE
CVE
added 2024/08/08 3:1 p.m.83 views

CVE-2024-7490

The CVE-2024-7490 issue is a stack-based overflow in Microchip Advanced Software Framework’s tinydhcpserver implementation (lwip_dhcp_find_option) caused by improper input validation. Affects ASF through version 3.52.0.2574; no fixes in the ASF stack are provided, and Microchip states the framewo...

9.8CVSS7.6AI score0.01377EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/08 12:0 a.m.3 views

Microchip Advanced Software Framework 安全漏洞

Microchip Advanced Software Framework is a codebase for microprocessor embedded development from Microchip Corporation USA. The code base simplifies the use of microcontrollers by providing an abstraction of the hardware through drivers and high-value middleware. A security vulnerability exists i...

9.8CVSS8.2AI score0.01377EPSS
Exploits0References4
Rows per page
Query Builder