CVE-2021-46980

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d "usb: typec: ucsi: save power data objects in PD mode" introduced retrieval of the PDOs when connected to a PD-capable source. But only the...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d "usb: typec: ucsi: save power data objects in PD mode" introduced retrieval of the PDOs when connected to a PD-capable source. But only the...

CVE-2021-46980 usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d "usb: typec: ucsi: save power data objects in PD mode" introduced retrieval of the PDOs when connected to a PD-capable source. But only the...

CVE-2021-46980

The CVE-2021-46980 item concerns Linux kernel USB Type-C UCSI: the code previously retrieved only the first 4 power data objects (PDOs) due to a 16-byte MESSAGE_IN limit. This could cause an out-of-bounds access in ucsi_psy_get_voltage_now() when a PD source advertises more than 4 PDOs (up to 7 a...

CVE-2021-46980 usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d "usb: typec: ucsi: save power data objects in PD mode" introduced retrieval of the PDOs when connected to a PD-capable source. But only the...

CVE-2021-46980

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d "usb: typec: ucsi: save power data objects in PD mode" introduced retrieval of the PDOs when connected to a PD-capable source. But only the...

ASB-A-281061287

In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. This could lead to local denial of service which results in a boot loop with no additional execution privileges needed. User interaction is not needed for...

ASB-A-259064622

In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-261723753

In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-250576066

In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-243794204

In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-204087139

In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation...

ASB-A-204316511

In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a persistent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

GSD-2021-1000312 usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4

usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.38 by commit...