CVE-2023-47233 : LINUX KERNEL UP TO 6.5.10 USB DEVICE CFG80211.C BRCMF_CFG80211_DETACH USE AFTER FREE

Description

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this “could be exploited in a real world scenario.” This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

References

https://bugzilla.suse.com/show_bug.cgi?id=1216702

https://marc.info/?l=linux-kernel&m=169907678011243&w=2

https://lore.kernel.org/all/20231104054709.716585-1-zyytlz.wz%40163.com/

