Linuxfoundation

Yocto

112 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-20023

  • EPSS 0.02%
  • Veröffentlicht 04.03.2024 03:15:07
  • Zuletzt bearbeitet 22.04.2025 20:36:44

In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID:...

9.8

CVE-2024-25626

  • EPSS 1.38%
  • Veröffentlicht 19.02.2024 20:15:45
  • Zuletzt bearbeitet 03.02.2025 19:52:09

Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 (before and included Yocto Project 4.3.1), with the Toaster ...

6.7

CVE-2023-32855

  • EPSS 0.03%
  • Veröffentlicht 04.12.2023 04:15:08
  • Zuletzt bearbeitet 21.11.2024 08:04:11

In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; ...

6.7

CVE-2023-32829

  • EPSS 0.02%
  • Veröffentlicht 02.10.2023 03:15:10
  • Zuletzt bearbeitet 21.11.2024 08:04:07

In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID...

7.5

CVE-2023-32820

  • EPSS 0.44%
  • Veröffentlicht 02.10.2023 03:15:09
  • Zuletzt bearbeitet 21.11.2024 08:04:06

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS079326...

4.4

CVE-2023-32810

  • EPSS 0.02%
  • Veröffentlicht 04.09.2023 03:15:13
  • Zuletzt bearbeitet 21.11.2024 08:04:04

In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; ...

6.7

CVE-2023-32811

  • EPSS 0.01%
  • Veröffentlicht 04.09.2023 03:15:13
  • Zuletzt bearbeitet 21.11.2024 08:04:04

In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ...

6.7

CVE-2023-32812

  • EPSS 0.02%
  • Veröffentlicht 04.09.2023 03:15:13
  • Zuletzt bearbeitet 21.11.2024 08:04:04

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS080173...

4.4

CVE-2023-32813

  • EPSS 0.01%
  • Veröffentlicht 04.09.2023 03:15:13
  • Zuletzt bearbeitet 21.11.2024 08:04:05

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0801737...

4.4

CVE-2023-32815

  • EPSS 0.01%
  • Veröffentlicht 04.09.2023 03:15:13
  • Zuletzt bearbeitet 21.11.2024 08:04:05

In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801...