CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2021-28664 – Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2021-28664
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0. El controlador del kernel de la GPU Arm Mali permite una escalada de privilegios o una denegación de servicio (corrupción de memoria) porque un usuario sin privilegios puede conseguir acceso de lectura/escritura a páginas de sólo lectura. Esto afecta a Bifrost r0p0 hasta r29p0 antes de r30p0, Valhall r19p0 hasta r29p0 antes de r30p0, y Midgard r8p0 hasta r30p0 antes de r31p0 Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 1CVE-2021-28663 – Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-28663
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0. El controlador del kernel de Arm Mali GPU, permite una escalada de privilegios o una divulgación de información porque las operaciones de la memoria de la GPU son manejadas inapropiadamente, conllevando a un uso de la memoria previamente liberada. Esto afecta a Bifrost versiones r0p0 hasta r28p0, anteriores a r29p0, Valhall versiones r19p0 hasta r28p0 anteriores a r29p0 y Midgard versiones r4p0 hasta r30p0 Arm Mali Graphics Processing Unit (GPU) kernel driver contains a use-after-free vulnerability that may allow a non-privileged user to make improper operations on GPU memory to gain root privilege, and/or disclose information. • https://github.com/lntrx/CVE-2021-28663 https://developer.arm.com/support/arm-security-updates https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-28388
https://notcve.org/view.php?id=CVE-2020-28388
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones. Se ha identificado una vulnerabilidad en Capital VSTAR (Todas las versiones), Nucleus NET (Todas las versiones anteriores a V5.2), Nucleus ReadyStart V3 (Todas las versiones anteriores a V2012.12), Nucleus Source Code (Todas las versiones), PLUSCONTROL 1st Gen (Todas las versiones). • https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf • CWE-342: Predictable Exact Value from Previous Values •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-24658
https://notcve.org/view.php?id=CVE-2020-24658
Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in the stack. The guard value is checked for corruption on function return; corruption leads to an error-handler call. In certain circumstances, the reference value that is compared against the guard value is itself also written to the stack (after any vulnerable arrays). The reference value is written to the stack when the function runs out of registers to use for other temporary data. • https://developer.arm.com/support/arm-security-updates/arm-compiler-5-stack-protection • CWE-770: Allocation of Resources Without Limits or Throttling CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-16273
https://notcve.org/view.php?id=CVE-2020-16273
In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension. En el software Arm que implementa los procesadores Armv8-M (todas las versiones), el mecanismo de selección de pila podría estar influenciado por un ataque de subdesbordamiento de pila en los procesadores basados ??en TrustZone v8-M. • https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing • CWE-191: Integer Underflow (Wrap or Wraparound) •