FTC tackles tech support scams by chasing payment processor firms

A multinational payment processing company and two of its executives are facing a potential $650k fine as a result of allegedly processing credit card payments for tech support scammers. While this fine isnt exactly massive in comparison to some of the privacy breaches and other incidents seen do...

CVE-2023-21096

In OnWakelockReleased of attributionprocessor.cc, there is a use after free that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-254774758...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android, which stems from a mix-up in the OnWakelockReleased instruction responsible for freeing memory in the attributeprocessor.cc component, and can be exploited by an...

CVE-2021-41612

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...

CVE-2021-40506

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience...

CVE-2021-41614

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register EPCR are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR...

CVE-2021-40506

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience...

CVE-2021-40507

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may...

Design/Logic Flaw

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience...

Privilege escalation

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...

Code injection

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register EPCR are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR...

Design/Logic Flaw

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may...

CVE-2021-41613

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The write logic of Exception Effective Address Register EEAR is not implemented correctly. User programs from authorized privilege levels will be unable to write to EEAR...

CVE-2021-41613

CVE-2021-41613 concerns the OpenRISC mor1kx processor: the controller unit’s write logic for the Exception Effective Address Register (EEAR) is not implemented correctly, causing user programs from authorized privilege levels to be unable to write to EEAR. The documented impact is limited to this...

CVE-2021-40506

Summary of CVE-2021-40506 (OR1200/OpenRISC 1200) : The ALU unit fails to update the overflow flag for the msb and mac instructions in OR1200 processors dated 2011-09-10 through 2015-11-11, causing an incorrect overflow flag value. This can lead to execution corruption in software that relies on t...

CVE-2021-41614

The CVE-2021-41614 issue affects the OpenRISC mor1kx processor controller unit, where the EPCR read/write permissions are not enforced correctly, allowing read/write access to EPCR from an unauthorized privilege level. Root cause: incorrect implementation of EPCR access control in the controller ...

CVE-2021-41612

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...

CVE-2021-41614

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register EPCR are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR...

CVE-2021-41612

The CVE-2021-41612 entry concerns the OpenRISC mor1kx processor’s ALU: the carry flag is not updated correctly for the subtract instruction, leading to an incorrect carry flag value. This can cause software relying on the carry flag to experience execution corruption. Affected component: mor1kx A...

CVE-2021-40507

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may...