embedded systems

Das U‑Boot contained a subtle but severe UDP‑parsing bug that was disclosed in mid‑2019: an integer underflow in net_process_received_packet that could drive an unbounded memcpy when packet handlers were called, allowing crafted UDP datagrams to overwrite memory and, in the worst case, enable...

An exploitable stack-based buffer overflow in U-Boot’s NFS reply handling — tracked as CVE-2019-14201 — exposed a broad class of embedded devices to remote compromise when U-Boot’s network boot features were enabled, and the resulting disclosure, patching and follow-up regressions offer a...

BusyBox’s netstat can be turned into a surprisingly powerful attack vector: a crafted DNS PTR response that contains terminal escape sequences can make netstat emit control codes to a VT‑compatible terminal, leading not just to garish color changes but to command execution and sustained...

The Linux kernel received a targeted stability fix that addresses a NULL-pointer crash in the Renesas USBHS driver (tracked as CVE‑2025‑21917): maintainers now flush the delayed notify_hotplug work to ensure the hotplug worker cannot run against torn-down driver resources, preventing a...

A subtle mistake in the Linux USB driver stack has been quietly corrected — and the fix exposes a classic kernel problem: an erroneous decrement of a platform device reference count in the DesignWare Core USB3 (dwc3) ST driver that can lead to use‑after‑free and service loss. The vulnerability...

It is a bizarre, unapologetically delightful piece of maker theatre: someone has put a retro Windows 98 desktop inside a consumer smart toaster and wired the toaster’s controls to a pair of Raspberry Pi boards so you can launch a program called toast.exe and, in effect, make breakfast from a...

A recently assigned CVE — CVE-2025-68222 — calls attention to a subtle but impactful class of bugs in the Linux kernel: uninitialized structure fields in device-driver descriptors. The vulnerability affects the NXP S32 SoC family pin controller driver (pinctrl: s32cc) and was recorded after...

The Linux kernel received a small but important defensive patch addressing CVE-2025-40033: a potential NULL-pointer dereference in the remoteproc PRU driver’s pru_rproc_set_ctable that, if triggered on an affected system, can cause a kernel oops and an availability outage. The fix is a surgical...

A timeout missing from a low-level SPI polling loop has a surprisingly large consequence: it lets an attacker or a buggy driver sequence force a sustained or persistent loss of availability in affected Linux systems, turning a small, technical omission into a practical denial‑of‑service that can...

Steam will stop supporting Windows 32‑bit installations on January 1, 2026, a move that, if confirmed and implemented as reported, will leave the vanishingly small number of users still running Windows 10 in its 32‑bit form without client updates, security fixes, or official Steam Support help —...

An engineer has turned a discarded disposable vape into a functioning web server — and the stunt is more than a neat hack: it’s a concise demonstration of how tiny, low-cost microcontrollers embedded in throwaway consumer goods can be repurposed to run real network stacks and serve pages, while...

A stripped-down, community-built version of Windows 11 has pushed the limits of what the OS can be when every nonessential component is removed: tiny installation media, dramatic runtime compression, and the deliberate sacrifice of serviceability and security to reach an astonishingly small...

With the code branch for NetBSD 11 freshly created, the storied BSD operating system is preparing to reinforce its position as a bastion of portability and versatility in the Unix world. This imminent release, less than 18 months after NetBSD 10, comes at a critical juncture for open source, as...

Symbian, once the reigning monarch of mobile operating systems, today occupies a surreal position in the software world: its code open, its capabilities proven, yet its influence almost completely erased from the modern technological landscape. This strange afterlife, marked by indifference and...

Security researchers have uncovered a sophisticated cyber espionage campaign, dubbed "LapDogs," that has compromised over 1,000 small office/home office (SOHO) devices worldwide. This campaign, attributed to China-linked threat actors, leverages these devices to form an Operational Relay Box...

Across the ever-evolving landscape of embedded computing, interoperability and flexibility are reigning champions, particularly as industries pivot toward smarter automation, real-time edge processing, and scalable deployments. This transformation is vividly embodied in Tria Technologies’ latest...

Serial communication is an enduring backbone of hardware interfacing, quietly powering everything from legacy test equipment to modern microcontrollers. Though often overshadowed by flashier protocols and wireless tech, serial connections remain indispensable for debugging, monitoring, and...

Armbian 25.5 emerges as a significant milestone in the evolution of Linux distributions tailored for ARM-based single-board computers (SBCs). This release not only broadens hardware compatibility but also introduces a suite of enhancements that streamline user experience and system performance...

In the rapidly evolving landscape of industrial automation, the curtains are being pulled back on a foundational shift: the integration of cutting-edge processor technology and advanced operating systems into the everyday arsenal of industrial PCs. Beckhoff, a long-standing innovator in PC-based...

The relentless progress of the automotive industry, especially among legacy players like Volkswagen, now unfolds as much in server rooms and code repositories as it does on factory floors. The vehicles rolling off today’s production lines are not simply mechanical marvels but technologically...