34 matches found
CVE-2025-32060 Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU
The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...
EUVD-2019-17996
Malware in sbrugna...
EUVD-2018-15754
Malware in sbrugna...
CVE-2023-38486
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime...
CVE-2023-38486
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486
The CVE-2023-38486 entry describes a flaw in the secure boot implementation on Aruba 9200 and 9000 Series Controllers and Gateways. The issue allows bypassing the secure-boot protections that normally prohibit unsigned kernel images from executing, enabling an attacker to run arbitrary runtime op...
CVE-2023-38486 Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486 Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
PT-2023-26466 · Aruba · Aruba 9000 Series Gateways +3
Name of the Vulnerable Software and Affected Versions: Aruba 9200 and 9000 Series Controllers and Gateways affected versions not specified Description: A vulnerability in the secure boot implementation allows an attacker to bypass security controls, which would normally prohibit unsigned kernel...
Aruba Networks Aruba 9200 and 9000 Security Vulnerabilities
The Aruba Networks Aruba 9200 and Aruba Networks Aruba 9000 are a family of security gateways from Aruba Networks, Inc. A security vulnerability exists in the Aruba Networks Aruba 9200 and 9000 that stems from a flaw in the secure boot implementation, which can be exploited to bypass security...
SUSE CVE-2018-3968
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legac...
SUSE CVE-2021-3418
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...
kernel security and bug fix update
An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...
Apple macOS Security Feature Issue Vulnerability (CNVD-2024-17859)
Apple macOS is a specialized operating system developed by Apple for Mac computers. A security signature issue vulnerability exists in Apple macOS prior to version 11.4, which originates in the Kext Management subsystem, and can be exploited by a local attacker to bypass implemented security...
CVE-2021-30680
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4. A local user may be able to load unsigned kernel extensions...
CVE-2021-30680
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4. A local user may be able to load unsigned kernel extensions...
Apple macOS 安全特征问题漏洞
Apple macOS is a specialized operating system developed by Apple for Mac computers. A security signature issue vulnerability exists in Apple macOS prior to version 11.4, which originates in the Kext Management subsystem, and can be exploited by a local attacker to bypass implemented security...
CVE-2021-3418
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...