Lucene search
K

101 matches found

OSV
OSV
added 2024/09/04 7:15 p.m.0 views

DEBIAN-CVE-2024-44971

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...

5.5CVSS5.6AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 7:15 p.m.6 views

AZL-48653 CVE-2024-44971 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 7:15 p.m.3 views

UBUNTU-CVE-2024-44971

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References19
OSV
OSV
added 2024/09/04 6:56 p.m.13 views

CVE-2024-44971 net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register()

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...

5.5CVSS6AI score0.0021EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2024/06/22 4:9 a.m.3 views

SUSE CVE-2022-48754

In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...

5.5CVSS7.7AI score0.00233EPSS
Exploits0References14
OSV
OSV
added 2024/06/20 12:15 p.m.2 views

DEBIAN-CVE-2022-48754

In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...

8.4CVSS5.6AI score0.00233EPSS
Exploits0References1
OSV
OSV
added 2024/06/20 12:15 p.m.5 views

UBUNTU-CVE-2022-48754

In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...

8.4CVSS6.1AI score0.00233EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2024/05/21 1:58 a.m.2 views

SUSE CVE-2024-35945

In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References16
OSV
OSV
added 2024/05/19 11:15 a.m.0 views

DEBIAN-CVE-2024-35945

In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...

5.5CVSS5.4AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2024/05/19 11:15 a.m.12 views

AZL-56160 CVE-2024-35945 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...

5.5CVSS5.8AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2024/05/19 11:15 a.m.7 views

UBUNTU-CVE-2024-35945

In the Linux kernel, the following vulnerability has been resolved: net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine...

5.5CVSS6.1AI score0.00211EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/01/29 12:0 a.m.6 views

PT-2024-26795

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns preventing nullptr exceptions on ISR in the Linux kernel. Specifically, it involves checking for a valid interrupt handler when phydev-irq is set unconditionally, or...

7.5CVSS5.5AI score0.00211EPSS
Exploits0
OSV
OSV
added 2020/03/04 7:15 p.m.4 views

CVE-2020-3176

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...

6.7CVSS6.8AI score0.00445EPSS
Exploits0References1
Prion
Prion
added 2020/03/04 7:15 p.m.14 views

Input validation

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...

7.2CVSS6.8AI score0.00445EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/03/04 6:40 p.m.94 views

CVE-2020-3176

CVE-2020-3176 affects Cisco Remote PHY Device Software. A local attacker with valid administrator access can exploit improper input sanitization to inject commands into the Linux shell with root privileges, potentially taking full control of the device. Vendors have issued advisories and, where a...

7.2CVSS6.7AI score0.00445EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/04 6:40 p.m.21 views

CVE-2020-3176 Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...

6.7CVSS6.8AI score0.00445EPSS
Exploits0References1
Cisco
Cisco
added 2020/03/04 4:0 p.m.41 views

Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...

6.7CVSS3.4AI score0.00445EPSS
Exploits0References1
NVD
NVD
added 2019/08/21 7:15 p.m.30 views

CVE-2019-1839

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...

7.2CVSS6.7AI score0.00444EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/08/21 6:10 p.m.11 views

CVE-2019-1839 Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...

6.7CVSS7.3AI score0.00444EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/21 6:10 p.m.33 views

CVE-2019-1839 Cisco Remote PHY Device Software Command Injection Vulnerability

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...

6.7CVSS6.7AI score0.00444EPSS
Exploits0References1
Rows per page
Query Builder