Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are correctly configured, and the MIDIStreaming endpoint descriptors contain the correct information, the values of bNumEmbMIDIJack and bLength are se...

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the lack of validation...

CVE-2025-68656

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, usbclassrequestgetdescriptor frees and reallocates hiddevice-ctrlxfer when an oversized descriptor is requested but continues to use the stale local pointer, leading to an immediate...

EUVD-2025-206282

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, usbclassrequestgetdescriptor frees and reallocates hiddevice-ctrlxfer when an oversized descriptor is requested but continues to use the stale local pointer, leading to an immediate...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21835)

usb: gadget: fmidi: fix MIDI Streaming descriptor lengths This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503471; scriptversion"1.2";...

EUVD-2025-6298

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-21835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled...

CVE-2025-21835

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...

CVE-2025-21835

The CVE-2025-21835 issue affects the Linux kernel USB gadget f_midi MIDI Streaming descriptors. The root cause is incorrect bNumEmbMIDIJack and bLength values in MIDIStreaming endpoint descriptors, which can emit broken descriptors when the port count for IN/OUT differs, leaking uninitialized sta...

CVE-2025-21835 usb: gadget: f_midi: fix MIDI Streaming descriptor lengths

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...

SUSE CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...

UBUNTU-CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when...