68 matches found
CVE-2026-53022
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...
platform/x86: dell-wmi-sysman: bound enumeration string aggregation
...
EUVD-2026-38890
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...
CVE-2026-53022
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...
CVE-2026-53022
CVE-2026-53022 concerns the Linux kernel component platform/x86 dell-wmi-sysman where firmware-provided value-modifier and possible-value strings are aggregated into fixed buffers. The root cause is that while individual source strings are bounded, the code uses strcat to append strings and separ...
CVE-2026-53022 platform/x86: dell-wmi-sysman: bound enumeration string aggregation
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...
PT-2026-51916
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the populate enum data function within the dell-wmi-sysman module. The function aggregates firmware-provided value-modifier and possible-value strings into fixed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-wmi-sysman: Do not perform hex dumping of plaintext password data. setnewpassword performs hex dumping of the entire buffer, which contains plaintext password data, including current and new passwords. Remove...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-sysman: Fixed reference leak If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned. This means that we need to dispose of the duplicate attribute accordingly. Use...
platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
...
SUSE CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370
A flaw was found in the dell-wmi-sysman component of the Linux kernel. This vulnerability occurs because the setnewpassword function incorrectly hex dumps the entire buffer, which includes sensitive plaintext password data. A local attacker could exploit this to disclose user credentials, leading...
EUVD-2026-15355
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
UBUNTU-CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370 platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...
CVE-2026-23370
CVE-2026-23370 concerns a Linux kernel vulnerability in platform/x86: dell-wmi-sysman where set_new_password() hex dumps the buffer containing plaintext passwords (including current/new passwords). The issue could leak credentials locally and is mitigated by removing the hex dump; upstream kernel...