Lucene search
K

4 matches found

NVD
NVD
•added 2024/06/21 12:15 p.m.•32 views

CVE-2024-36477

In the Linux kernel, the following vulnerability has been resolved: tpmtisspi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAXSPIFRAMESIZE for computing the maximum transfer length and the size of the transfer buffer. As such, it does not account...

7.8CVSS0.0022EPSS
Exploits0References3
Cvelist
Cvelist
•added 2024/06/21 11:18 a.m.•26 views

CVE-2024-36477 tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer

In the Linux kernel, the following vulnerability has been resolved: tpmtisspi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAXSPIFRAMESIZE for computing the maximum transfer length and the size of the transfer buffer. As such, it does not account...

0.0022EPSS
Exploits0References3
Code423n4
Code423n4
•added 2023/09/14 12:0 a.m.•11 views

lack of an ownership transfer mechanism

Lines of code Vulnerability details Issue: The code does not have a mechanism to transfer ownership of the contract. In the current implementation, once deployed, the contract owner's address cannot be changed. This can be problematic for contract maintenance and security, as it restricts the...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2022/06/10 12:0 a.m.•16 views

Loss of tokens due to wrong burn function

Lines of code Vulnerability details Impact redeemToUnderlying is also affected by the issue I reported earlier which is described below. The redeem function calls burn which is inherited from IERC777Upgradeable contract whose action is to burn ERC20 tokens, thus there is no transfer or withdrawal...

7AI score
Exploits0
Rows per page
Query Builder