Lucene search
K

45 matches found

Cvelist
Cvelist
added 2024/09/04 6:35 p.m.32 views

CVE-2024-44960 usb: gadget: core: Check for unset descriptor

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn't properly set up the endpoint for...

0.00232EPSS
Exploits0References8
CVE
CVE
added 2024/07/29 3:48 p.m.168 views

CVE-2024-41097

CVE-2024-41097 concerns the Linux kernel USB ATM cxacru driver. The issue stemmed from incomplete endpoint checking during cxacru_bind(), which could cause wrong endpoint types to be used when submitting URBs. The patch adds verification that required endpoint types are present for both IN and OU...

5.5CVSS6.5AI score0.00234EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2024/06/18 11:18 p.m.28 views

CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

4.4CVSS7AI score0.00212EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/30 3:28 p.m.20 views

CVE-2024-36894 usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...

6.8AI score0.00291EPSS
Exploits0References8
CVE
CVE
added 2024/05/21 2:19 p.m.68 views

CVE-2021-47220

CVE-2021-47220 : This CVE ID is rejected and not an active vulnerability entry.

6.7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/05/21 2:19 p.m.17 views

CVE-2021-47220

...

9.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.5 views

The vulnerability of the update_port_device_state() function in the Linux kernel USB driver allows a hacker to induce a service failure.

The vulnerability of the updateportdevicestate function in the drivers/usb/core/hub.c file of the Linux kernel’s USB driver relates to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.6CVSS6.4AI score0.00227EPSS
Exploits0References12Affected Software3
CVE
CVE
added 2024/05/01 5:17 a.m.142 views

CVE-2024-26932

Mode C: CVE-2024-26932 affects the Linux kernel USB Type-C tcpm path. The issue is a double-free of the same capabilitiy when unregistering PD capabilities in tcpm_port_unregister_pd(), where the first free occurs via pd_capabilities_release() and the second is explicit in tcpm_port_unregister_pd...

7.8CVSS6.7AI score0.00216EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/03/25 9:16 a.m.88 views

CVE-2021-47173

CVE-2021-47173 is a Linux kernel issue described in connected advisories as a memory-leak bug in the USB subsystem. Specifically, the probe for the uss720 device (uss720_probe) forgets to decrement the usbdev refcount, leading to a memory leak. The fix recorded in the sources is to release the de...

5.5CVSS6.1AI score0.00226EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2024/02/27 7:4 p.m.21 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Do core softreset when switch mode According to the programming guide, to switch mode for DRD controller, the driver needs to do the following. To switch from device to host: 1. Reset controller with...

7AI score0.00225EPSS
Exploits0References4
OSV
OSV
added 2024/02/27 10:15 a.m.6 views

CVE-2021-46933

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Clear ffseventfd in ffsdataclear. ffsdataclear is indirectly called from both ffsfskillsb and ffsep0release, so it ends up being called twice when userland closes ep0 and then unmounts ffs. If userland provided ...

5.5CVSS7.4AI score
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/02/27 9:44 a.m.34 views

CVE-2021-46933 usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Clear ffseventfd in ffsdataclear. ffsdataclear is indirectly called from both ffsfskillsb and ffsep0release, so it ends up being called twice when userland closes ep0 and then unmounts ffs. If userland provided ...

6.7AI score0.00233EPSS
Exploits0References8
OSV
OSV
added 2023/12/11 11:13 p.m.9 views

USN-6549-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS6.7AI score0.09141EPSS
Exploits4References12
UbuntuCve
UbuntuCve
added 2023/10/14 9:15 p.m.39 views

CVE-2023-45862

An issue was discovered in drivers/usb/storage/eneub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation...

5.5CVSS6.5AI score0.00282EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2023/10/14 12:0 a.m.38 views

CVE-2023-45862

An issue was discovered in drivers/usb/storage/eneub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation...

5.5CVSS7.3AI score0.00282EPSS
Exploits0
NVD
NVD
added 2023/07/06 5:15 p.m.17 views

CVE-2023-37453

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in drivers/usb/core/sysfs.c...

4.6CVSS6.5AI score0.00551EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.7 views

The vulnerability of the Linux operating system’s kernel USB driver allows a hacker to trigger a service failure or increase their privileges.

The vulnerability of the Linux operating system’s kernel USB driver is related to the use of a buffer for writing after deletion in the putdev function. Exploiting this vulnerability can allow an attacker to cause a service failure or increase their privileges...

7.4CVSS6.5AI score0.0048EPSS
Exploits1References17Affected Software3
OSV
OSV
added 2022/09/30 6:15 a.m.6 views

CVE-2022-41849

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open, aka a race condition between ufxopsopen and ufxusbdisconnect...

4.2CVSS7.8AI score
Exploits0References4
OSV
OSV
added 2017/11/07 11:29 p.m.6 views

CVE-2017-16644

The hdpvrprobe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service improper error handling and system crash or possibly have unspecified other impact via a crafted USB device...

6.6CVSS7.6AI score
Exploits0References5
OSV
OSV
added 2017/11/07 11:29 p.m.9 views

CVE-2017-16650

The qmiwwanbind function in drivers/net/usb/qmiwwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero error and system crash or possibly have unspecified other impact via a crafted USB device...

6.6CVSS7.7AI score
Exploits0References9
Rows per page
Query Builder