Security
Headlines
HeadlinesLatestCVEs

Tag

#bios

CVE-2023-1582: Re: [stable-5.15 PATCH] fs/proc: task_mmu.c: don't read mapcount for migration entry

A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.

CVE
#ios#google#linux#dos#git#intel#bios
CVE-2023-27167

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?search_month=1.

Suprema BioStar 2 2.8.16 SQL Injection

Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.

CVE-2023-28866: [PATCH] Bluetooth: HCI: Fix global-out-of-bounds

In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.

CVE-2023-0590: [PATCH net] net: sched: fix race condition in qdisc_graft()

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.

CVE-2023-1390: tipc: fix NULL deref in tipc_link_xmit() · torvalds/linux@b774134

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.

CVE-2023-24571: DSA-2023-046: Dell Client Platform Security Update for BIOS Vulnerabilities

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with administrator privileges could potentially exploit this vulnerability to perform arbitrary code execution.

CVE-2022-46752

Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data

By Waqas A hacker on a popular forum is claiming to have stolen Acer Inc.'s data in mid-February 2023. This is a post from HackRead.com Read the original post: Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data