165 matches found
CVE-2022-49982 media: pvrusb2: fix memory leak in pvr_probe
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvrprobe The error handling code in pvr2hdwcreate forgets to unregister the v4l2 device. When pvr2hdwcreate returns back to pvr2contextcreate, it calls pvr2contextdestroy to destroy context, but...
CVE-2024-32482
The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the...
SUSE CVE-2022-49298
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in r871xudrvinit When 'tmpU1b' returns from r8712read8padapter, EE9346CR is 0, 'mac6' will not be initialized. BUG: KMSAN: uninit-value in r871xudrvinit+0x2d54/0x3070...
CVE-2022-49298 staging: rtl8712: fix uninit-value in r871xu_drv_init()
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in r871xudrvinit When 'tmpU1b' returns from r8712read8padapter, EE9346CR is 0, 'mac6' will not be initialized. BUG: KMSAN: uninit-value in r871xudrvinit+0x2d54/0x3070...
CVE-2022-49298
CVE-2022-49298 : Linux kernel staging rtl8712 driver fix for uninitialized mac[6] in r871xu_drv_init() after tmpU1b from r8712_read8(padapter, EE_9346CR) == 0. KMSAN reported uninit-value in that function and call chain (usb_intf.c:541; usb_probe_interface; device probing). Concrete details are p...
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37603
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2024-37603
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37603
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2024-37603
CVE-2024-37603 affects Mercedes-Benz NTG6 head units, with a type-confusion vulnerability in the USB-based UserData import/export workflow. Exploitation requires physical access to the vehicle’s USB interface; an attacker can craft data that causes the UserData service to crash, after which the s...
CVE-2024-37601
CVE-2024-37601 : Mercedes-Benz NTG (New Telematics Generation) 6 contains a heap buffer overflow in the UserData/UD2 decoding path used for import/export via USB. The vulnerability requires local USB access to trigger, and exploitation can crash the UserData service, with the system subsequently ...
CVE-2024-37601
An issue was discovered in Mercedes Benz NTG New Telematics Generation 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause t...
CVE-2023-34399
Summary of CVE-2023-34399 (Mercedes-Benz NTG6) : The Mercedes-Benz head-unit NTG6 processes USB-import/export of user profile settings. Several values are stored as serialized Boost archives; a vulnerability in Boost (integer overflow) within that serialization chain is identified. The CVSSv3.1 b...
CVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...