AZL-49005 CVE-2024-43893 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will result in a divide by zero error in uartgetdivisor. The check for uartcl...

DEBIAN-CVE-2024-43893

In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will result in a divide by zero error in uartgetdivisor. The check for uartcl...

UBUNTU-CVE-2024-43893

In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will result in a divide by zero error in uartgetdivisor. The check for uartcl...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a divide-by-zero problem in the uartgetdivisor function...

CVE-2022-48871

A vulnerability was found in the Linux kernel's qcomgeniserial.c driver. A lack of proper size validation can lead to an out-of-bounds write caused by a mismatch between the RX FIFO buffer size and the actual RX FIFO depth after initialization. This issue can lead to memory corruption or crashes...

CVE-2022-48871 tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO port-rxfifo based on default RX FIFO depth, e.g. 16. Later during serial startup the qcomgeniserialportsetup...

CVE-2022-48871

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO port-rxfifo based on default RX FIFO depth, e.g. 16. Later during serial startup the qcomgeniserialportsetup...

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

CVE-2024-31799

CVE-2024-31799 affects GNCC’s GC2 Indoor Security Camera 1080P. The flaw: an attacker with physical access can read the WiFi passphrase through the UART Debug Port, exposing sensitive network credentials via direct hardware access. The underlying cause is information disclosure via an accessible ...

CVE-2024-31800

The CVE-2024-31800 entry concerns the GNCC GC2 Indoor Security Camera 1080P. Affected component: the device’s UART Debugging Port enables an authentication bypass, allowing a physically present attacker to obtain a privileged command shell. Documented impact includes high confidentiality, integri...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep CVE-2024-26605 In the...

SUSE CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

CVE-2024-38633

A vulnerability was found in the Linux kernel, affecting the max3100 serial driver. This issue involves improper handling of the uartdriverregistered state upon driver removal, which could lead to use-after-free conditions or undefined behavior. This flaw might allow attackers to exploit the driv...

CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

CVE-2024-38633

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered on driver removal The removal of the last MAX3100 device triggers the removal of the driver. However, code doesn't update the respective global variable and after insmod — rmmod — insm...