Lucene search
+L

151 matches found

Cvelist
Cvelist
added 2025/04/01 3:40 p.m.16 views

CVE-2025-21902 acpi: typec: ucsi: Introduce a ->poll_cci method

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

0.0019EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/04/01 3:40 p.m.10 views

CVE-2025-21902

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

5.5CVSS5.7AI score0.0019EPSS
Exploits0
CVE
CVE
added 2025/04/01 3:40 p.m.91 views

CVE-2025-21902

CVE-2025-21902 affects the Linux kernel (ACPI backends for UCSI). The vulnerability arises from the ucsi core handling of CCI polling and ACPI-opregion synchronization: backends may rely on an unnecessary/unsafe sync, which can be triggered while notifications are disabled and lead to a spurious ...

5.5CVSS7.2AI score0.0019EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/04/01 3:40 p.m.7 views

CVE-2025-21902 acpi: typec: ucsi: Introduce a ->poll_cci method

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

5.5CVSS6AI score0.0019EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/03/28 3:38 a.m.2 views

SUSE CVE-2023-52938

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered...

5.5CVSS6.7AI score0.00197EPSS
Exploits0References5
OSV
OSV
added 2025/03/27 5:15 p.m.3 views

UBUNTU-CVE-2023-52938

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered...

5.5CVSS6.3AI score0.00197EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.22 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an attempt by the usb typec ucsi component to restore a port before port registration, resulting in a null...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/17 12:0 a.m.7 views

PT-2025-14283 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.11-200.fc41.x86 64 Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the ACPI backend of UCSI, where the UCSI "registers" are a memory copy of the register values i...

7.8CVSS6AI score0.37115EPSS
Exploits0References415
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fixed a potential out-of-bounds error in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. This means that "newcam" can be as high as 255, while the size of the uc-updated array i...

7.1CVSS6.5AI score0.00255EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fixed a null pointer dereference in the trace function. ucsiregisteraltmode checks if ISERR is true for the alt pointer and treats NULL as valid. When CONFIGTYPECDPALTMODE is not enabled, ucsiregisterdisplayport...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References3
OSV
OSV
added 2024/12/27 2:15 p.m.16 views

AZL-55733 CVE-2024-53203 affecting package kernel for versions less than 6.6.90.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.6AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:15 p.m.16 views

AZL-55788 CVE-2024-53203 affecting package kernel for versions less than 5.15.184.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.6AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:15 p.m.5 views

UBUNTU-CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.3AI score0.0024EPSS
Exploits0References28
Debian CVE
Debian CVE
added 2024/12/27 1:49 p.m.7 views

CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS5.9AI score0.0024EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/12/24 1:27 p.m.18 views

CVE-2024-53149

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connectorstatus UCSI connector's indices start from 1 up to 3, PMICGLINKMAXPORTS. Correct the condition in the pmicglinkucsiconnectorstatus callback, fixing Type-C orientation reporting...

4.6CVSS6.8AI score0.00299EPSS
Exploits0References4
NVD
NVD
added 2024/12/24 12:15 p.m.24 views

CVE-2024-53149

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connectorstatus UCSI connector's indices start from 1 up to 3, PMICGLINKMAXPORTS. Correct the condition in the pmicglinkucsiconnectorstatus callback, fixing Type-C orientation reporting...

4.6CVSS0.00299EPSS
Exploits0References4
CVE
CVE
added 2024/12/24 11:28 a.m.111 views

CVE-2024-53149

Technical details (affected product, root cause, impact, fix) are not publicly provided in the connected documents; monitor for updates.

4.6CVSS6.5AI score0.00299EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2024/11/19 3:49 a.m.5 views

SUSE CVE-2024-50268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

6.1CVSS6.5AI score0.00255EPSS
Exploits0References16
OSV
OSV
added 2024/11/19 2:16 a.m.4 views

DEBIAN-CVE-2024-50268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

7.1CVSS6.1AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2024/11/19 2:16 a.m.16 views

AZL-53618 CVE-2024-50268 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

7.1CVSS6.7AI score0.00255EPSS
Exploits0References1
Rows per page
Query Builder