CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

CVE-2025-38376 usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible system hang caused by the host continuing to transfer data while the USB device controller hangs...

UBUNTU-CVE-2022-49980

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug:...

DEBIAN-CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

UBUNTU-CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

CVE-2024-56698

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3request-numqueuedsgs is decremented on completion. If a partially completed request is handled, then the dwc3request-numqueuedsgs no longer reflects the total number of...

The vulnerability of the udc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the udc component in the Linux operating system’s kernel is related to improper locking of resources in the usbepqueue function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-46836

...

SUSE CVE-2024-35822

In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usbepqueue+0x7c/0x104 pc :...

DEBIAN-CVE-2021-46986

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Free gadget structure only after freeing endpoints As part of commit e81a7018d93a "usb: dwc3: allocate gadget structure dynamically" the dwc3gadgetrelease was added which will free the dwc-gadget structure upon...

CVE-2023-20626

In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405223; Issue ID: ALPS07405223...

The vulnerability of the device controller in the Cisco Data Center Network Manager system allows a hacker to execute arbitrary operating system commands.

The vulnerability of the DCNM device’s dispatcher exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands remotely...

Alps Pointing-Device Controller 8.1202.1711.04 Unquoted Service Path

Exploit Title: Alps Pointing-device Controller 8.1202.1711.04 - 'ApHidMonitorService' Unquoted Service Path Date: 2019-11-12 Exploit Author: Mario Rodriguez Vendor Homepage: https://www.alps.com/e/ Software Link: https://www.alps.com/e/ Version: 8.1202.1711.04 Tested on: Windows 10 Home x64 Spani...

Alps Pointing-device Controller 8.1202.1711.04 - 'ApHidMonitorService' Unquoted Service Path

Exploit Title: Alps Pointing-device Controller 8.1202.1711.04 - 'ApHidMonitorService' Unquoted Service Path Date: 2019-11-12 Exploit Author: Mario Rodriguez Vendor Homepage: https://www.alps.com/e/ Software Link: https://www.alps.com/e/ Version: 8.1202.1711.04 Tested on: Windows 10 Home x64 Spani...

The vulnerability in the implementation of the photg210_udc_probe handler in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the photg210udcprobe implementation in the loaded module of the drivers/usb/gadget/udc/fotg210-udc.ko kernel of the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting the FOTG210 UDC...

Multiple Newport products certified to bypass vulnerabilities

The Newport XPS-Cx is a device controller from Newport USA, and the XPS-Qx is another version of it. An authorization issue exists in Newport XPS-Cx and XPS-Qx. An attacker can exploit this vulnerability to bypass authentication by accessing the URL...

The vulnerability of Cisco ASA software allows a malicious actor to induce a service failure.

The vulnerability in Cisco’s multi-functional security devices ASA allows remote users who have completed authentication to elevate their privileges by gaining access at level 0 to the controller of the adaptive security device...

QEMU - Programmable Interrupt Timer Controller Heap Overflow

QEMU - Programmable Interrupt Timer Controller Heap Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=419c4 The programmable interrupt timer PIT controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller,...

Infoblox 6.8.2.11 - OS Command Injection

No description provided by source. Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patch...