The vulnerability of the kbase_jd_user_buf_pin_pages function (mali_kbase_mem.c) in the graphics processor driver for Android devices from Google Pixel allows a hacker to escalate their privileges.

The vulnerability of the kbasejduserbufpinpages function malikbasemem.c in the graphics processor driver for Android devices from Google Pixel devices is related to writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

SUSE-SU-2022:2838-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release bsc1201727: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave INTEL-SA-00657. See also:...

CVE-2022-26373

CVE-2022-26373 concerns Intel processors where non-transparent sharing of return-predictor targets between contexts may allow an authorized local user to disclose information. The provided documents describe this issue as a local-information-disclosure risk but do not specify a vendor patch/versi...

SUSE-SU-2022:2833-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release bsc1201727: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave INTEL-SA-00657. See also:...

PT-2022-6092 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU kernel driver versions Bifrost r0p0 through r39p0 Arm Mali GPU kernel driver versions Valhall r19p0 through r39p0 Arm Mali GPU kernel driver versions Midgard r4p0 through r32p0 Description: The issue is related to the mishandling...

AMD Processor Execution Unit Scheduler Contention Side-Channel Vulnerability - Lenovo Support US

No description provided...

UBUNTU-CVE-2022-21233

Improper isolation of shared resources in some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...

mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemfuncin::cleanup/Item::cleanupprocessor...

hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW)

A flaw was found in hw. Incomplete cleanup in specific special register write operations for some Intel® Processors may allow an authenticated user to enable information disclosure via local access...

openssl: AES OCB fails to encrypt some bytes

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemfuncin::cleanup/Item::cleanupprocessor...

Intel CPU Information Disclosure Vulnerability (INTEL-SA-00330)

The Intel CPU on the remote host might be prone to an information disclosure vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...

CVE-2022-26427

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540...

CVE-2022-21792

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410...

CVE-2022-26426

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486...

PT-2022-15133 · Mediatek +1 · Mt6833 +1

Name of the Vulnerable Software and Affected Versions: No specific software name or version is mentioned in the provided descriptions. Description: In the camera ISP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with Syste...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A buffer error vulnerability exists in the MediaTek chips, which stems from a lack of bounds checking in camera isp, leading to out-of-bounds writes. An attacker could exploit this vulnerability to elevate privileges...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A buffer error vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the camera isp, resulting in an out-of-bounds read. An attacker could exploit this vulnerability to obtain...

PT-2022-17835 · Mediatek +1 · Mt6833 +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: In the camera ISP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System...

MediaTek camera isp 缓冲区错误漏洞

MediaTek camera isp is an image signal processor from MediaTek, a Chinese company. MediaTek camera isp suffers from a buffer error vulnerability that stems from a lack of boundary checking, which could result in out-of-bounds writes. This could result in a local privilege escalation that requires...