21 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: qcom: uefisecapp: Fixed memory-related IO errors and crashes. It turns out that while the QSEECOM APPSEND command has specific fields for the request and response buffers, uefisecapp expects both to be in a single memor...
Linux Distros Unpatched Vulnerability : CVE-2025-21998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the ...
DEBIAN-CVE-2025-21998
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
CVE-2025-21998 firmware: qcom: uefisecapp: fix efivars registration race
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
CVE-2025-21998 firmware: qcom: uefisecapp: fix efivars registration race
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
SUSE CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
DEBIAN-CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
UBUNTU-CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
CVE-2024-46868 firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
CVE-2024-46868
In CVE-2024-46868, the Linux kernel firmware: qcom: uefisecapp fix addresses a deadlock in qcuefi_acquire: if the __qcuefi pointer isn’t set, the original code could hold the lock and deadlock when set later. The fix drops the lock on the error path to match caller expectations. Impact and exploi...
CVE-2024-35994
A vulnerability was found in the Qualcomm firmware driver qcomqseecomuefisecapp in the Linux kernel. It arises from incorrect memory allocation for request and response buffers in the QSEECOM APPSEND command. The driver expects both buffers to be in a single memory region, but they are allocated...
CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
DEBIAN-CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
UBUNTU-CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994
CVE-2024-35994 (Linux kernel, qcom uefisecapp): The vulnerability stems from memory handling in QSEECOM app calls where APP_SEND buffers for request and response were treated as separate regions. The root cause was two consecutive kzalloc() allocations that could yield adjacent memory, causing un...