Release of Technical Report into the AMD Security Processor
Posted by James Forshaw, Google Project Zero. Today, members of Project Zero and the Google Cloud security team are releasing a technical report on a security review of AMD Secure Processor (ASP). The ASP is an isolated ARM processor in AMD EPYC CPUs that adds a root of trust and controls secure...
PT-2022-6302 · Amd · System Management Mode
Name of the Vulnerable Software and Affected Versions: System Management Mode (SMM) (affected versions not specified). Description: The issue is related to the failure to validate inputs in SMM, which may allow an attacker to create a mishandled error, leaving the DRTM UApp in a partially initialized...
Intel® Processor Speculative Cross Store Bypass Advisory
Summary: A potential security vulnerability in Intel® Processors may allow information disclosure. Intel is releasing prescriptive guidance to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33149. Description: Observable behavioral discrepancy in some Intel® Processor...
AMD Secure Processor Security Vulnerability
AMD Secure Processor (ASP) is a standalone ARM Cortex-A5 chip from AMD. A security vulnerability exists in AMD Secure Processor that stems from insufficient address validation. An attacker could exploit the vulnerability to execute arbitrary code...
PT-2024-11225 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc1+ 34. Description: A vulnerability has been resolved in the Linux kernel, specifically in the scsi: target: core, where the function smp_processor_id() was called in preemptible code, triggering a BUG...
NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2022-0075)
The remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple vulnerabilities: - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maxim...
Anonymous NB65 Claims Hack on Russian Payment Processor Qiwi
By Waqas. The Anonymous-affiliated Network Battalion (aka NB65) group has allegedly targeted a Russian payment processing platform Qiwi and… This is a post from HackRead.com. Read the original post: Anonymous NB65 Claims Hack on Russian Payment Processor Qiwi...
CVE-2021-46771
Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application...
Qualcomm Input Validation Error Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits, including primarily semiconductor devices but also passive components, etc., and is from time to time fabricated on the surface of semiconductor wafers. An input validation error vulnerability exists in multip...
coreboot Security Vulnerability
coreboot is a freeware program. It is designed to replace the proprietary BIOS firmware found in most computers. A security vulnerability exists in coreboot 4.13 through 4.16, which originates on the AP and may occur as a result of arbitrary code execution in the SMM...
GHSA-PCHP-C5W8-47GC Hash collision attack vulnerability in Jenkins
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."...
Privilege Escalation
github.com/bottlerocket-os/hotdog is vulnerable to privilege escalation. The vulnerability exists in the main function in main.go due to an incomplete fix for CVE-2021-3101, because the target JVM processor doesn't limit the resources and filters, which allows an attacker to gain access on host and...
Cisco Firepower Threat Defense and Cisco Adaptive Security Appliances Software Data Forgery Vulnerability
Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliances Software (ASA Software) are both products of Cisco (U.S.A.). Cisco Firepower Threat Defense is a set of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliances Software is a firewall a...
CVE-2022-22191
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet...
CVE-2022-27833
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow...
Samsung SMR Resource Management Error Vulnerability
Samsung SMR is a system patch package from South Korea's Samsung. The Samsung SMR DSP driver is vulnerable to resource management errors, which can be exploited by attackers to perform malicious operations...
Samsung SMR Input Validation Error Vulnerability
Samsung SMR is a system patch package from South Korea's Samsung. The Samsung SMR DSP driver is vulnerable to an input validation error, which can be exploited by attackers to perform out-of-bounds writes via integer overflow...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...
The vulnerability of the Intra-mode BTI implementation of Intel microprogramming software allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Intel microprogrammable processor’s Intra-mode BTI (IMBTI) implementation is related to errors in parameter processing. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
Design/Logic Flaw
Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible...