DSP driver
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25371 | 0.12 | — | 0.01 | KEV | Mar 26, 2021 | A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | ||
| CVE-2022-27834 | 0.00 | — | 0.00 | Apr 11, 2022 | Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions. | |||
| CVE-2022-27833 | 0.00 | — | 0.00 | Apr 11, 2022 | Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. | |||
| CVE-2021-25475 | 0.00 | — | 0.00 | Oct 6, 2021 | A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||
| CVE-2021-25467 | 0.00 | — | 0.00 | Oct 6, 2021 | Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | |||
| CVE-2021-25457 | 0.00 | — | 0.00 | Sep 9, 2021 | An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. | |||
| CVE-2021-25452 | 0.00 | — | 0.00 | Sep 9, 2021 | An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device. |
- risk 0.12cvss —epss 0.01
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.
- CVE-2022-27834Apr 11, 2022risk 0.00cvss —epss 0.00
Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.
- CVE-2022-27833Apr 11, 2022risk 0.00cvss —epss 0.00
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow.
- CVE-2021-25475Oct 6, 2021risk 0.00cvss —epss 0.00
A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
- CVE-2021-25467Oct 6, 2021risk 0.00cvss —epss 0.00
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.
- CVE-2021-25457Sep 9, 2021risk 0.00cvss —epss 0.00
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.
- CVE-2021-25452Sep 9, 2021risk 0.00cvss —epss 0.00
An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device.