CVE-2025-1292

MEDIUM Year: 2025
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.

Related Vulnerabilities

CVE-2017-17176

MEDIUM
CVSS:6.7(Medium)

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00B...

CWE-7872017

CVE-2017-18551

MEDIUM
CVSS:6.7(Medium)

An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.

CWE-7872017

CVE-2017-18846

MEDIUM
CVSS:6.7(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow. This affects R6250 before 1.0.4.12, R6400v2 before 1.0.2.32, R7000P/R6900P before 1.0.0.56, R7900 before 1.0.1.18, R8300 before 1...

CWE-7872017

CVE-2018-3632

MEDIUM
CVSS:6.7(Medium)

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be trig...

CWE-7872018

CVE-2018-9368

MEDIUM
CVSS:6.7(Medium)

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system executi...

CWE-7872018

CVE-2018-9386

MEDIUM
CVSS:6.7(Medium)

In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution priv...

CWE-7872018