Yocto@2.6 Security Vulnerabilities and Issues — Yocto@2.6 CVE List

Lucene search

LinuxfoundationYocto2.6

19 matches found

CVE•added 2023/05/15 10:15 p.m.•94 views

CVE-2023-20726

In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT...

3.3CVSS3.7AI score0.00016EPSS

CVE•added 2023/09/04 3:15 a.m.•89 views

CVE-2023-20829

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2023/09/04 3:15 a.m.•80 views

CVE-2023-20832

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2023/09/04 3:15 a.m.•66 views

CVE-2023-32812

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.

6.7CVSS6.5AI score0.00023EPSS

CVE•added 2024/07/01 5:15 a.m.•63 views

CVE-2024-20081

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.

9.8CVSS7.2AI score0.00049EPSS

CVE•added 2023/09/04 3:15 a.m.•59 views

CVE-2023-20830

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/04/01 3:15 a.m.•55 views

CVE-2024-20054

In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID: ALPS08580200.

6.6CVSS6.9AI score0.00066EPSS

CVE•added 2023/09/04 3:15 a.m.•52 views

CVE-2023-20821

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/07/01 5:15 a.m.•50 views

CVE-2024-20080

In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424.

9.8CVSS7.5AI score0.00149EPSS

CVE•added 2023/09/04 3:15 a.m.•48 views

CVE-2023-32815

In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.

4.4CVSS4.3AI score0.00013EPSS

CVE•added 2023/08/07 4:15 a.m.•46 views

CVE-2023-20796

In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.

4.4CVSS4.8AI score0.0001EPSS

CVE•added 2023/09/04 3:15 a.m.•45 views

CVE-2023-20828

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/09/02 5:15 a.m.•43 views

CVE-2024-20085

In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.

4.4CVSS6.2AI score0.00012EPSS

CVE•added 2023/08/07 4:15 a.m.•42 views

CVE-2023-20790

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.

4.4CVSS4.4AI score0.00014EPSS

CVE•added 2023/09/04 3:15 a.m.•42 views

CVE-2023-32813

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370.

4.4CVSS4.4AI score0.0001EPSS

CVE•added 2024/09/02 5:15 a.m.•39 views

CVE-2024-20084

4.4CVSS6.2AI score0.00012EPSS

CVE•added 2023/09/04 3:15 a.m.•38 views

CVE-2023-20831

6.7CVSS6.7AI score0.0002EPSS

CVE•added 2024/09/02 5:15 a.m.•38 views

CVE-2024-20089

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

7.5CVSS7AI score0.00223EPSS

CVE•added 2023/12/04 4:15 a.m.•35 views

CVE-2023-32855

In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.

6.7CVSS6.6AI score0.00029EPSS