PT-2022-9748 · Unknown +1 · Amd System Management Unit +1

Name of the Vulnerable Software and Affected Versions: System Management Unit SMU affected versions not specified Description: The issue is related to insufficient checks in the System Management Unit SMU FeatureConfig, which may result in the reenabling of features. This could potentially lead t...

PT-2022-9746 · Suse · Suse

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to insufficient bound checks in the System Management Unit SMU, which may cause a system voltage malfunction. This could potentiall...

PT-2022-9740 · Suse · Suse

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range, which could resul...

PT-2022-9747 · Unknown +1 · Amd System Management Unit +1

Name of the Vulnerable Software and Affected Versions: System Management Unit SMU affected versions not specified Description: The issue is related to an insufficient General Purpose IO GPIO bounds check in the System Management Unit SMU. This may result in access or updates to invalid address...

Design/Logic Flaw

Insufficient bound checks in System Management Unit SMU PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service...

kernel: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

A resource-handling flaw was found in the Linux kernel performance monitoring driver for ARM System Memory Management Unit version 3 in the way hotplug callbacks are registered during driver initialization. If driver registration fails, previously added CPU hotplug callbacks are not removed,...

kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free

An out-of-bounds OOB memory access flaw was found in net/core/filter.c in bpfskbmaxlen in the Linux kernel. A missing sanity check to the current MTU check may allow a local attacker with special user privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal...

AMD System Management Unit 缓冲区错误漏洞

AMD System Management Unit SMU is a system management unit of AMD, Inc. A security vulnerability exists in the System Management Unit SMU PCIe Hot Plug, which can be exploited by an attacker to cause a denial of service for invalid address space access or updates...

PT-2025-41015

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s perf/smmuv3 component related to a hotplug callback leak within the arm smmu pmu init function. Specifically, the function fails to remove a callback...

AMD Client Vulnerabilities – May 2022

Bulletin ID: AMD-SB-1027 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...

AMD Server Vulnerabilities - May 2022

Bulletin ID: AMD-SB-1028 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...

CVE-2022-29480

On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evalua...

SEC Plans to Hire More Staff in Crypto Enforcement Unit to Fight Frauds

The U.S. Securities and Exchange Commission SEC on Tuesday announced that it will expand and rebrand its Cyber Unit to fight against cyber-related threats and protect investors in cryptocurrency markets. To that end, the SEC is renaming the Cyber Unit within the Division of Enforcement to Crypto...

CVE-2022-20087

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06477970; Issue ID: ALPS06477970...

CVE-2022-28613

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is en-abled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot. The...

Hitachi Energy RTU500 输入验证错误漏洞

Hitachi Energy RTU500 is a series of industrial control components from Hitachi, Ltd Hitachi, Japan. The Hitachi Energy RTU500 suffers from an input validation error vulnerability that stems from a length information validation error carried in MBAP. An attacker could exploit the vulnerability by...

多款Qualcomm产品资源管理错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products,...

Time-of-check To Time-of-use (TOCTOU)

networkd-dispatcher is vulnerable to time-of-check-time-of-use. The vulnerability exists in the vulnerable systemd unit which allows an attacker to replace scripts that elieves to be owned by root user...

Exploit for Incorrect Authorization in Polkit_Project Polkit

PolicyKit CVE-2021-3560 Exploit Authentication Agent ====...

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2022-1517)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...