12 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: Initializing the event handler for read bytes A value of 0xff was set for i2c reads of an mctp-i2c device. Otherwise, reads will return “val” from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx, this represents an...
Linux Distros Unpatched Vulnerability : CVE-2026-45865
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return val from the i2c bus driver. For...
EUVD-2026-32331
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...
UBUNTU-CVE-2026-45865
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...
CVE-2026-45865 mctp i2c: initialise event handler read bytes
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...
EUVD-2024-37325
Malicious code in bioql PyPI...
Vulnerability of the npcm_i2c_probe_bus() function (driver/i2c/buses/i2c-npcm7xx.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerability of the npcmi2cprobebus function from the drivers/i2c/busses/i2c-npcm7xx.c file in the Linux kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the BMC controller software of Nuvoton BootBlock series, Nuvoton NPCM7xx, related to the bypassing of authentication due to a source error, allows a perpetrator to execute arbitrary code.
The vulnerability of the BMC controller Nuvoton BootBlock series from Nuvoton, specifically the Nuvoton NPCM7xx, relates to the bypassing of authentication due to a fundamental error in the code. Exploiting this vulnerability allows an attacker to execute arbitrary code by modifying the u-boot...
CVE-2024-38433
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
CVE-2024-38433 Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to the SPI-Flash on an NPCM7xx BMC subsystem that uses the Nuvoton BootBlock reference code can modify the u-boot image header on flash parsed by the BootBlock which could lead to arbitrary code execution...
Nuvoton NPCM7xx Security Vulnerability
Nuvoton NPCM7xx is a server remote management control chip from Nuvoton China. A security vulnerability exists in Nuvoton NPCM7xx Poleg BootBlock versions prior to v10.10.19, which originates from bypassing authentication via a major weakness, and can be exploited to modify the u-boot image heade...