CVE-2026-31412

A flaw was found in the Linux kernel's USB mass storage gadget module usb-gadget-fmassstorage. A remote attacker, acting as a malicious USB host, could send a specially crafted SCSI READ or WRITE command. This action could trigger an integer overflow during data size calculation, leading to an...

CVE-2026-23320

Removed by vendor...

usb: gadget : fix use-after-free in composite_dev_cleanup()

...

The vulnerability in the driver/usb/gadget/function/u_audio.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/usb/gadget/function/uaudio.c module of the Linux operating system is related to the exhaustion of file descriptors. Exploiting this vulnerability can allow an attacker to cause a service failure...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that the event count does not exceed the event buffer length The event count is read from the register DWC3GEVNTCOUNT. There is a check to ensure that the count is zero, but no check is performed to ensur...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of SG queue entry loops in the usb:dwc3:gadget module, which could lead to null pointer...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the USB gadget UVC module using incorrect buffer sizes when parsing the configfs list...