Security
Headlines
HeadlinesLatestCVEs

Tag

#bios

CVE-2022-46752

Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

CVE
#vulnerability#ios#dos#bios#auth#dell
Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data

By Waqas A hacker on a popular forum is claiming to have stolen Acer Inc.'s data in mid-February 2023. This is a post from HackRead.com Read the original post: Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data

Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code

Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to multiple use-after-free conditions.

CVE-2023-26606: LKML: Palash Oswal: KASAN: use-after-free Read in ntfs_trim_fs

In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.

CVE-2023-26607: LKML: Palash Oswal: KASAN: slab-out-of-bounds Read in ntfs_attr_find

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

CVE-2023-26605: LKML: Palash Oswal: KASAN: use-after-free Read in inode_cgwb_move_to_attached

In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.

CVE-2023-26545

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

CVE-2023-26544: LKML: Palash Oswal: KASAN: use-after-free Read in run_unpack

In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.

CVE-2022-33196: INTEL-SA-00738

Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2022-32231: INTEL-SA-00717

Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.