Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vbus draw function in the dwc3 gadget calling a power management API that may enter a dormant...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-7930-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7930-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7930-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...

CVE-2022-50633 usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3qcominterconnectinit oficcget alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3qcominterconnectexit function. Add iccput in error handlin...

kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...

SUSE CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

DEBIAN-CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

SUSE CVE-2021-47273

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled When only PHY1 is used for example on Odroid-HC4, the regmap init code uses the usb2 ports when doesn't initialize the PHY1 regmap entry. This fixes: Unable to...

USN-6716-1 linux-azure, linux-azure-5.4 vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

USN-6681-3 linux-ibm, linux-ibm-5.4, linux-oracle, linux-oracle-5.4 vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...