52 matches found
EUVD-2011-0656
Malware in sbrugna...
EUVD-2017-6569
Malware in sbrugna...
EUVD-2015-1460
Malware in sbrugna...
EUVD-2018-17888
Malware in sbrugna...
EUVD-2011-0657
Malware in sbrugna...
EUVD-2018-8951
Malware in sbrugna...
EUVD-2021-13609
Malware in sbrugna...
EUVD-2021-28237
Malicious code in bioql PyPI...
CVE-2024-3334 USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0
A security bypass vulnerability exists in the Removable Media Encryption RMEcomponent of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data...
CVE-2024-41721
The CVE-2024-41721 entry concerns bhyve(8) on FreeBSD with XHCI USB emulation. The issue is an insufficient boundary validation in the USB code, causing an out-of-bounds read on the heap that could lead to an arbitrary write and remote code execution. Impact can allow a malicious, privileged gues...
CVE-2024-42236 usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if str0 - 1 == '\n' followed...
CVE-2024-26748 usb: cdns3: fix memory double free when handle zero packet
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if request-complete 830 spinunlock&privdev-lock; 831 usbgadgetgivebackrequest&privep-endpoint, 832 request; 833 spinlock&privdev-lock; 834 835 836 if request-buf ==...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.328.3.el7 - IB/cm: Cancel mad on the DREQ event when the state is MRAREPRCVD Mark Zhang Orabug: 36143228 - KSPLICE: make sure the stack is zeroed. Gregory Herrero Orabug: 36154654 - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185207 - i2c: core: Fix atomic...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.325.5.el7 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...
Usbsas - Tool And Framework For Securely Reading Untrusted USB Mass Storage Devices
usbsas is a free and open source GPLv3 tool and framework for securely reading untrusted USB mass storage devices. Description Following the concept of defense in depth and the principle of least privilege, usbsas's goal is to reduce the attack surface of the USB stack. To achieve this, most of t...
GSD-2022-1006217 usb: host: ohci-ppc-of: Fix refcount leak bug
usb: host: ohci-ppc-of: Fix refcount leak bug This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...
GSD-2022-1004856 net: usb: ax88179_178a needs FLAG_SEND_ZLP
net: usb: ax88179178a needs FLAGSENDZLP This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.290 by commit...
GSD-2022-1004030 usb: dwc2: gadget: don't reset gadget's driver->bus
usb: dwc2: gadget: don't reset gadget's driver-bus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...
GSD-2022-1003203 usb: dwc2: gadget: don't reset gadget's driver->bus
usb: dwc2: gadget: don't reset gadget's driver-bus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...
GSD-2022-1002548 usb: dwc3: host: Stop setting the ACPI companion
usb: dwc3: host: Stop setting the ACPI companion This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...