Lucene search
+L

300 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.8 views

CVE-2022-22819

NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers ROM version 1B have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted...

7.8CVSS7.9AI score0.01314EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:47 p.m.19 views

CVE-2022-45163

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...

5.3CVSS6.9AI score0.00572EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.11 views

CVE-2021-3011

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access and consequently produce a...

4.2CVSS7AI score0.00196EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.7 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS7.2AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:52 p.m.4 views

CVE-2021-44479

NXP Kinetis K82 devices have a buffer over-read via a crafted wlength value in a GET Status-Other request during use of USB In-System Programming ISP mode. This discloses protected flash memory...

6.1CVSS7.2AI score0.00263EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:41 p.m.8 views

CVE-2021-38258

NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USBHostProcessCallback...

7.8CVSS7.9AI score0.00313EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:41 p.m.9 views

CVE-2021-38260

NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USBHostParseDeviceConfigurationDescriptor...

7.8CVSS7.9AI score0.00313EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.6 views

CVE-2019-14237

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by observing CPU registers and the effect of code/instruction execution...

9.8CVSS7.1AI score0.02923EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:2 a.m.6 views

CVE-2019-17060

The Bluetooth Low Energy BLE stack implementation on the NXP KW41Z based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to...

6.5CVSS7.2AI score0.00818EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:20 a.m.7 views

CVE-2019-17519

The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet...

8.8CVSS7.4AI score0.01177EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:7 a.m.7 views

CVE-2019-14239

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register...

6.6CVSS7.2AI score0.00401EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.5 views

kernel: spi: nxp-fspi: fix the KASAN report out-of-bounds bug

In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes data to NOR chip. dd...

7.8CVSS6.4AI score0.00238EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/05/09 4:54 a.m.4 views

SUSE CVE-2022-49923

In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...

5.5CVSS6.5AI score0.00154EPSS
Exploits0References10
OSV
OSV
added 2025/05/01 3:16 p.m.1 views

DEBIAN-CVE-2022-49923

In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...

5.5CVSS5.5AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/01 2:11 p.m.12 views

CVE-2022-49923 nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()

In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...

0.00154EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/01 2:11 p.m.3 views

CVE-2022-49923 nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()

In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...

6.1AI score0.00154EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/05/01 2:11 p.m.6 views

CVE-2022-49923

In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...

5.5CVSS5.5AI score0.00154EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nxpncisend not freeing the skb, which could lead to a memory leak...

5.5CVSS6.3AI score0.00154EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.7 views

PT-2025-18640 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential memory leak has been identified in the Linux kernel, specifically in the nxp nci send function. This function calls nxp nci i2c write and only frees the skb when nxp nci i2...

8.8CVSS5AI score0.0129EPSS
Exploits3References648
OSV
OSV
added 2025/04/18 7:1 a.m.6 views

CVE-2025-38479 dmaengine: fsl-edma: free irq correctly in remove path

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

7.8CVSS6AI score0.00242EPSS
Exploits0References7
Rows per page
Query Builder