21 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware, we never assign a callback for that function. At the same time, we mount efivarfs as RO so that no one...
curl: Integer Underflow in src/var.c
Summary: A potential Integer Underflow vulnerability was identified in the setvariable function within src/var.c. the flaw occurs during the calculation of the variable content length clen when a byte range is specified. specifically, the code fails to validate if startoffset is greater than...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414302 advisory. In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is n...
libming 缓冲区错误漏洞
libming is an open source Flash SWF output library written in C by Ming. A security vulnerability exists in libming version 0.4.8, which stems from a segmentation error in the decompileSETVARIABLE function...
kernel: efivarfs: force RO when remounting if SetVariable is not supported
A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only RO, it can be remounted as read-write RW without checking ...
kernel: efivarfs: force RO when remounting if SetVariable is not supported
A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only RO, it can be remounted as read-write RW without checking ...
kernel: efivarfs: force RO when remounting if SetVariable is not supported
A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only RO, it can be remounted as read-write RW without checking ...
SUSE CVE-2023-52463
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
CVE-2023-52463
A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only RO, it can be remounted as read-write RW without checking ...
DEBIAN-CVE-2023-52463
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
UBUNTU-CVE-2023-52463
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
CVE-2023-52463 efivarfs: force RO when remounting if SetVariable is not supported
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
CVE-2023-52463
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
CVE-2023-39284
An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...
Design/Logic Flaw
An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...
CVE-2023-39284
An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...
CVE-2023-39284
An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...
CVE-2023-39284
CVE-2023-39284 affects Insyde InsydeH2O kernel 5.0–5.5 via IhisiServicesSmm, where arbitrary SetVariable calls in the SMI handler can pass attacker-controlled parameters. Root cause: unsanitized arguments in SMI SetVariable handling, enabling modification of protected NVRAM variables from Ring0 (...
PT-2023-26866 · Insyde · Insydeh2O
Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O versions 5.0 through 5.5 Description: An issue was discovered in IhisiServicesSmm where there are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler. This allows for the modification of protected NVR...