300 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-41515
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
DEBIAN-CVE-2026-41515
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...
CVE-2026-41515 OP-TEE: RSA-OAEP padding oracle in NXP CAAM driver enables plaintext recovery
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...
CVE-2026-41515
OP-TEE (Trusted Execution Environment for Arm Cortex-A TrustZone) has a vulnerability in the RSA-OAEP decryption path within the NXP CAAM crypto driver. From version 3.9.0 up to, but not including, 4.11.0, the driver uses non-constant-time memcmp() for label hash verification, exposing a Manger-s...
CVE-2026-41515
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...
PT-2026-55973
Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.9.0 through 4.10.x Description The RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error paths. This...
Bosch Security Systems IP Cameras NXP Chip Side-Channel Key Extraction (CVE-2021-3011)
Several Bosch IP cameras are built on a hardware platform that uses an NXP SmartMX/P5x secure element affected by an electromagnetic-wave side-channel vulnerability. An attacker with extended physical access to the device could recover the ECDSA private key and clone the device. The issue resides...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fixed the refcount leak in ohcihcdnxpprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the refcount leak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: nxp-nci: Fixed a potential memory leak in nxpncisend The nxpncisend function calls nxpncii2cwrite. The skb is only freed when nxpncii2cwrite fails. However, even if nxpncii2cwrite succeeds, the skb is not freed within...
EUVD-2025-209824
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...
CVE-2025-29338
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...
Exploit for CVE-2025-29338
CVE-2025-29338 — Security Advisory Buffer Overflow in NXP...
NXP moal.ko Wi-Fi driver 安全漏洞
NXP moal.ko Wi-Fi driver is a Wi-Fi kernel driver module developed by NXP for Linux-based wireless network devices, focusing on communication and hardware control. There is a security vulnerability in the NXP moal.ko Wi-Fi driver, which stems from a buffer overflow in the modpara parameter of the...
CVE-2025-29338
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...
CVE-2025-29338
CVE-2025-29338 affects the NXP moal.ko Wi‑Fi kernel driver (driver version 5.1.7.10) across firmware builds from v17.92.1.p149.43 to v17.92.1.p149.157. The root cause is a stack‑based buffer overflow in the parsing path: woal_setup_module_param allocates a fixed stack buffer and parse_cfg_get_lin...
Linux Distros Unpatched Vulnerability : CVE-2026-31545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected...
CVE-2026-31545
A flaw was found in the Linux kernel's NFC Near Field Communication subsystem, specifically within the nxp-nci driver. This flaw prevented General Purpose Input/Output GPIO pins from entering a sleep state, leading to a kernel WARNON condition. This issue could potentially cause system instabilit...
CVE-2026-31545
In the Linux kernel, the following vulnerability has been resolved: NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected to I2C GPIO expanders. -- 8 -- kernel: WARNING: CPU: 3 PID: 2636 at...
DEBIAN-CVE-2026-31545
In the Linux kernel, the following vulnerability has been resolved: NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected to I2C GPIO expanders. -- 8 -- kernel: WARNING: CPU: 3 PID: 2636 at...
CVE-2026-31545
In the Linux kernel, the following vulnerability has been resolved: NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected to I2C GPIO expanders. -- 8 -- kernel: WARNING: CPU: 3 PID: 2636 at...