Total
98 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1649 | 1 Cisco | 193 1120 Connected Grid Router, 1240 Connected Grid Router, 15454-m-wse-k9 and 190 more | 2022-12-13 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability: Have privileged administrative access to the device. Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access. Develop or have access to a platform-specific exploit. An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform. | |||||
| CVE-2022-42775 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39131 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel. | |||||
| CVE-2022-3303 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2022-12-02 | N/A | 4.7 MEDIUM |
| A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition | |||||
| CVE-2021-20315 | 2 Centos, Gnome | 2 Stream, Gnome-shell | 2022-12-02 | 3.6 LOW | 6.1 MEDIUM |
| A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked. | |||||
| CVE-2021-41141 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2022-11-16 | 7.8 HIGH | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently held locks. This could result in a system deadlock, which cause a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to an including 2.11.1 are affected. Users may need to manually apply the patch. | |||||
| CVE-2022-31621 | 1 Mariadb | 1 Mariadb | 2022-11-04 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. | |||||
| CVE-2022-31623 | 1 Mariadb | 1 Mariadb | 2022-11-04 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. | |||||
| CVE-2022-39358 | 1 Metabase | 1 Metabase | 2022-10-28 | N/A | 6.5 MEDIUM |
| Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, and 1.42.6, it was possible to circumvent locked parameters when requesting data for a question in an embedded dashboard by constructing a malicious request to the backend. This issue is patched in versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, and 1.42.6. | |||||
| CVE-2022-0897 | 2 Netapp, Redhat | 2 Ontap Select Deploy Administration Utility, Libvirt | 2022-10-27 | 4.0 MEDIUM | 4.3 MEDIUM |
| A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). | |||||
| CVE-2021-4147 | 3 Fedoraproject, Netapp, Redhat | 3 Fedora, Ontap Select Deploy Administration Utility, Libvirt | 2022-09-29 | 4.9 MEDIUM | 6.5 MEDIUM |
| A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. | |||||
| CVE-2022-20141 | 1 Google | 1 Android | 2022-09-01 | 6.9 MEDIUM | 7.0 HIGH |
| In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel | |||||
| CVE-2021-3735 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2022-09-01 | N/A | 4.4 MEDIUM |
| A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2022-24946 | 1 Mitsubishielectric | 64 L02cpu, L02cpu-p, L02cpu-p Firmware and 61 more | 2022-08-19 | 7.8 HIGH | 7.5 HIGH |
| Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V firmware versions "16" and prior, Mitsubishi Electric MELSEC-Q Series Q03UDECPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU the first 5 digits of serial No. "24061" and prior, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q04/06/13/26UDPVCPU the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-Q Series Q12DCCPU-V all versions, Mitsubishi Electric MELSEC-Q Series Q24DHCCPU-V(G) all versions, Mitsubishi Electric MELSEC-Q Series Q24/26DHCCPU-LS all versions, Mitsubishi Electric MELSEC-L series L02/06/26CPU(-P) the first 5 digits of serial number "24051" and prior, Mitsubishi Electric MELSEC-L series L26CPU-(P)BT the first 5 digits of serial number "24051" and prior and Mitsubishi Electric MELIPC Series MI5122-VW firmware versions "05" and prior allows a remote unauthenticated attacker to cause a denial of service (DoS) condition in Ethernet communications by sending specially crafted packets. A system reset of the products is required for recovery. | |||||
| CVE-2022-21775 | 2 Google, Mediatek | 46 Android, Mt2601, Mt6761 and 43 more | 2022-07-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032. | |||||
| CVE-2021-31786 | 1 Actions-semi | 10 Ats2815, Ats2815 Firmware, Ats2819 and 7 more | 2022-07-12 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, allowing attackers to trigger a disconnection and deadlock of the device by connecting with a forged BDAddress that matches the original connected host. | |||||
| CVE-2021-28951 | 3 Fedoraproject, Linux, Netapp | 11 Fedora, Linux Kernel, A250 and 8 more | 2022-05-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. | |||||
| CVE-2021-31785 | 1 Actions-semi | 10 Ats2815, Ats2815 Firmware, Ats2819 and 7 more | 2022-05-03 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device via crafted LMP packets. Manual user intervention is required to restart the device and restore Bluetooth communication. | |||||
| CVE-2021-31611 | 1 Zh-jieli | 10 Ac6901, Ac6901 Firmware, Ac6921 and 7 more | 2022-05-03 | 3.3 LOW | 5.7 MEDIUM |
| The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers in radio range to deadlock a device via a crafted LMP packet. The user needs to manually reboot the device to restore communication. | |||||
| CVE-2021-1123 | 1 Nvidia | 1 Virtual Gpu | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service. | |||||