101 matches found
DEBIAN-CVE-2024-44971
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...
AZL-48653 CVE-2024-44971 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...
UBUNTU-CVE-2024-44971
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...
CVE-2024-44971 net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register()
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...
SUSE CVE-2022-48754
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...
DEBIAN-CVE-2022-48754
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...
UBUNTU-CVE-2022-48754
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...
SUSE CVE-2024-35945
In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...
DEBIAN-CVE-2024-35945
In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...
AZL-56160 CVE-2024-35945 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...
UBUNTU-CVE-2024-35945
In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...
PT-2024-26795
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns preventing nullptr exceptions on ISR in the Linux kernel. Specifically, it involves checking for a valid interrupt handler when phydev-irq is set unconditionally, or...
CVE-2020-3176
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
Input validation
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
CVE-2020-3176
CVE-2020-3176 affects Cisco Remote PHY Device Software. A local attacker with valid administrator access can exploit improper input sanitization to inject commands into the Linux shell with root privileges, potentially taking full control of the device. Vendors have issued advisories and, where a...
CVE-2020-3176 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
CVE-2019-1839
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
CVE-2019-1839 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
CVE-2019-1839 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...