CVE-2024-20484 – Cisco Enterprise Chat and Email Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20484
A vulnerability in the External Agent Assignment Service (EAAS) feature of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of Media Routing Peripheral Interface Manager (MR PIM) traffic that is received by an affected device. ... A successful exploit could allow the attacker to trigger a failure on the MR PIM connection between Cisco ECE and Cisco Unified Contact Center Enterprise (CCE), leading to a DoS condition on EAAS that would prevent customers from starting chat, callback, or delayed callback sessions. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-Oqb9uFEv • CWE-20: Improper Input Validation •
CVE-2024-34681
https://notcve.org/view.php?id=CVE-2024-34681
Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVE-2024-34673
https://notcve.org/view.php?id=CVE-2024-34673
Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVE-2024-51409
https://notcve.org/view.php?id=CVE-2024-51409
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware. • https://github.com/fireknight-hJ/Tenda-cve-pocs/blob/main/Tenda%20O3V1.0.0.5%284180%29/websReadEvent.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-50122 – PCI: Hold rescan lock while adding devices during host probe
https://notcve.org/view.php?id=CVE-2024-50122
Estos últimos deben tomar el bloqueo de rescan al agregar dispositivos o podemos terminar en un estado indefinido con dos dispositivos agregados de forma incompleta y encontrar el siguiente bloqueo al intentar eliminar el dispositivo a través de sysfs: No se puede manejar la desreferencia del puntero NULL del kernel en la dirección virtual 0000000000000000 Error interno: Oops: 0000000096000004 [#1] Rastreo de llamadas SMP: __pi_strlen+0x14/0x150 kernfs_find_ns+0x80/0x13c kernfs_remove_by_name_ns+0x54/0xf0 sysfs_remove_bin_file+0x24/0x34 pci_remove_resource_files+0x3c/0x84 pci_remove_sysfs_dev_files+0x28/0x38 pci_stop_bus_device+0x8c/0xd8 pci_stop_bus_device+0x40/0xd8 pci_stop_and_remove_bus_device_locked+0x28/0x48 remove_store+0x70/0xb0 dev_attr_store+0x20/0x38 sysfs_kf_write+0x58/0x78 kernfs_fop_write_iter+0xe8/0x184 vfs_write+0x2dc/0x308 ksys_write+0x7c/0xec • https://git.kernel.org/stable/c/4565d2652a37e438e4cd729e2a8dfeffe34c958c https://git.kernel.org/stable/c/d4f38a0e7cc94615f63cf7765ca117e5cc2773ae https://git.kernel.org/stable/c/1d59d474e1cb7d4fdf87dfaf96f44647f13ea590 •