Lucene search
K

206 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to improper handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...

3.2CVSS6.8AI score0.00357EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/15 1:58 a.m.9 views

SUSE CVE-2026-43488

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

5.8AI score0.00114EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/13 5:8 p.m.11 views

CVE-2026-43488

A flaw was found in the Linux kernel's xHCI eXtensible Host Controller Interface driver. When a USB Attached SCSI UAS storage device is connected or disconnected, the xHCI controller can report a Host Controller Error HCE. Improper handling of this error can lead to an interrupt storm, causing...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.9 views

SUSE CVE-2026-43353

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/08 7:57 p.m.14 views

CVE-2026-43352

A flaw was found in the Linux kernel's I3C Improved Inter-Integrated Circuit Host Controller Interface HCI driver. Incorrect handling of DMA Direct Memory Access ring aborts can lead to the unintentional clearing of RINGCTRLENABLE. This action resets hardware ring pointers and disrupts the...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:31 p.m.6 views

CVE-2026-43322

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace caused by hciconn being freed before lereadfeaturescomplete but after hcilereadremotefeaturessync so hciconndel - hcicmdsyncdequeue is not...

5.7AI score0.00219EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39014

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the HCI DMA dequeue path within the hci dma dequeue xfer function. This function, which is not serialized, can be invoked for multiple transfers that timeout...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2026/05/07 2:19 a.m.10 views

SUSE CVE-2026-43022

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.10 views

SUSE CVE-2026-43023

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in scosockconnect scosockconnect checks skstate and sktype without holding the socket lock. Two concurrent connect syscalls on the same socket can both pass the check and enter scoconnect,...

7CVSS5.8AI score0.00097EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.17 views

PT-2026-37429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Bluetooth component involving the hdev-req status variable. While hci cmd sync sk modifies this variable under the hdev-req lock, other functions—including hci...

5.5CVSS5.9AI score0.00114EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/01 11:7 p.m.4 views

CVE-2026-31771

A flaw was found in the Linux kernel's Bluetooth subsystem. A remote attacker could exploit a missing bounds check by sending a specially crafted, short Bluetooth Host Controller Interface HCI event frame. This could lead to a buffer overflow, potentially allowing the attacker to cause a denial o...

8.1CVSS6.3AI score0.00205EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/01 4:45 p.m.6 views

CVE-2026-43018

A flaw was found in the Linux kernel's Bluetooth component. This Use-After-Free UAF vulnerability arises from insufficient locking during hciconn lookup and access within the hcileremoteconnparamreqevt function. An attacker could potentially exploit this to cause a system crash or execute arbitra...

8.8CVSS6AI score0.00256EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.5 views

PT-2026-36407

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack buffer overflow exists in the hci le big create sync function. The function uses DEFINE FLEX to allocate a struct hci cp le big create sync on the stack with space for 17 BIS...

7.8CVSS7.3AI score0.00142EPSS
Exploits0References49
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hcileremoteconnparamreqevt function in Bluetooth hcievent not locking the hciconn, which could lead to...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.11 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from hcicmdsyncqueueonce in Bluetooth hcisync does not correctly indicate if a queue item already exists, which...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.13 views

PT-2026-36406

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth component where hci store wake reason is called within hci event packet before the per-event minimum payload length is enforced by hci event func. This...

8.1CVSS5.8AI score0.00205EPSS
Exploits0
EUVD
EUVD
added 2026/04/22 3:31 p.m.5 views

EUVD-2026-24876

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintelhwerror with hcireqsynclock btintelhwerror issues two hcicmdsync calls HCIOPRESET and Intel exception-info retrieval without holding hcireqsynclock. This lets it race against hcidevdoclose -...

5.6AI score0.00126EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34405

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Bluetooth component where the btintel hw error function issues synchronous HCI commands without holding the hci req sync lock lock. This allows it to race...

7.8CVSS5.7AI score0.00126EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010800 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the...

5.8AI score0.00171EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/03 12:14 a.m.2 views

kernel: Linux kernel: xHCI driver isochronous event handling race condition leading to data loss or UAF

A flaw was found in the Linux kernel's xHCI eXtensible Host Controller Interface driver. This vulnerability allows data loss or buffer Use-After-Free UAF due to a race condition during isochronous Ring Underrun/Overrun event handling...

7.8CVSS5.9AI score0.00247EPSS
Exploits0References5
Rows per page
Query Builder