779 matches found
UVI-2021-1001767 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.9 by commit...
GSD-2021-1001767 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.9 by commit...
GSD-2021-1001674 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.70 by commit...
UVI-2021-1001674 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.70 by commit...
UVI-2021-1001614 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.150 by commit...
UVI-2021-1001575 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.209 by commit...
GSD-2021-1001575 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.209 by commit...
UVI-2021-1001546 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.249 by commit...
GSD-2021-1001546 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.249 by commit...
GSD-2021-1001519 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.285 by commit...
UVI-2021-1001519 staging: greybus: uart: fix tty use after free
staging: greybus: uart: fix tty use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.285 by commit...
ruspiro-boot (>=0.3.0 <=0.3.2), ruspiro-console (>=0.0.2 <=0.3.2) +6 more potentially affected by CVE-2020-36435 via ruspiro-singleton (>=0.0.2 <=0.3.1)
ruspiro-singleton CARGO version =0.0.2, =0.3.0, =0.0.2, =0.0.2, =0.3.0, =0.1.0, =0.0.2, =0.4.0, =0.0.2, =0.3.1 Source cves: CVE-2020-36435 Source advisory: OSV:GHSA-FQQ2-XP7M-XVM8...
kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c
A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports 0x2E8, 0x2F8, 0x3E8, 0x3F8 are not available. This flaw allows a local user to crash the system. The highest threat from this...
Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device (Part Two)
In this post, we continue our analysis of the SolarCity ConnectPort X2e Zigbee device referred to throughout as X2e device. In Part One, we discussed the X2e at a high level, performed initial network-based attacks, then discussed the hardware techniques used to gain a remote shell on the X2e...
PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...
CVE-2021-22492
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Broadcom Bluetooth chipsets software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-18731 January 2021...
Buffer overflow
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Broadcom Bluetooth chipsets software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-18731 January 2021...
CVE-2020-28096
FOSCAM FHD X1 1.14.2.4 devices allow attackers with physical UART access to login via the ipc.fos password...
CVE-2020-15437
A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports 0x2E8, 0x2F8, 0x3E8, 0x3F8 are not available. This flaw allows a local user to crash the system. The highest threat from this...
ruspiro-boot (>=0.3.0 <=0.3.2), ruspiro-console (>=0.0.2 <=0.3.2) +6 more potentially affected by CVE-2020-36435 via ruspiro-singleton (>=0.0.2 <=0.3.1)
ruspiro-singleton CARGO version =0.0.2, =0.3.0, =0.0.2, =0.0.2, =0.3.0, =0.1.0, =0.0.2, =0.4.0, =0.0.2, =0.3.1 Source cves: CVE-2020-36435 Source advisory: OSV:RUSTSEC-2020-0115...