CVE-2024-38532

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

CVE-2024-29153

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem...

CVE-2024-23918

Improper conditions check in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-32502

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper reference count checking, which can result in a UAF Use-After-Free vulnerability...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-20318

A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of specific Ethernet...

CVE-2024-31960

An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free...

CVE-2024-31959

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution...

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write...

F5 BIG-IP AFM 安全漏洞

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A denial of service vulnerability exists in F5 BIG-IP AFM, which stems from a misconfiguration of protocol checks and can be exploited by an attacker to cause an increase in CPU resource utilization...

[SECURITY] Fedora 41 Update: yq-4.43.1-5.fc41

Yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties processor...

CVE-2024-38404

CVE-2024-38404 describes a transient DoS in Qualcomm modem components triggered when a registration-accept OTA contains incorrect ciphering key data. The issue is documented across multiple feeds (NVD/NCSC/Red Hat summaries) with the same description. Connected sources indicate impact on Qualcomm...

CVE-2024-38404 Buffer Over-read in Multi Mode Call Processor

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem...

CVE-2024-38404 Buffer Over-read in Multi Mode Call Processor

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem...

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20241112 release bsc1233313 CVE-2024-21853: Faulty finite state machines FSMs in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enabl...

The vulnerability of the cidr2cidr() function, a processor for PCAP files, in the tcpprep editing and playback utility for PCAP files, allows a malicious actor to cause a service failure.

The vulnerability of the cidr2cidr function, a processor for PCAP files, in the tcpprep editing and playback utility for PCAP files, Tcpreplay, is related to an uncontrolled, exploitable flaw. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service interruption...

drm/rockchip: vop: Fix a dereferenced before check warning

...

arm64/sve: Discard stale CPU state when handling SVE traps

...

ACPI: CPPC: Make rmw_lock a raw_spin_lock

...

ISC BIND 安全漏洞

ISC BIND is an ISC open source suite of open source software that implements the DNS protocol. A security vulnerability exists in ISC BIND 9 that stems from the ability to construct a zone such that certain queries to it will generate responses containing a large number of additional partial...