Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU
Vulnerability Description
The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a flaw can lead to taking control over the entire system. First identified on Nissan Leaf ZE1 manufactured in 2020.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
Bosch Infotainment ECU 安全漏洞
Vulnerability Description
Bosch Infotainment ECU是德国Bosch公司的一个车载娱乐系统。 Bosch Infotainment ECU存在安全漏洞,该漏洞源于缺少内核模块签名验证,可能导致攻击者加载自定义内核模块并在内核环境中执行代码,从而控制整个系统。
CVSS Information
N/A
Vulnerability Type
N/A