Lucene search
K

21 matches found

CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb gadget fncm driver. When the connection is disconnected, the network device’s lifecycle...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
CVE
CVE
added 2026/05/01 2:14 p.m.16 views

CVE-2026-31723

The CVE-2026-31723 issue affects the Linux kernel’s usb: gadget: f_subset component, where net_device resources are allocated during function instance creation and registered under the gadget device. On unbind, the parent device can be destroyed while the net_device remains, creating dangling sys...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005726 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Add null pointer check in gserialsuspend Consider a case where...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
OSV
OSV
added 2025/12/16 4:16 p.m.5 views

UBUNTU-CVE-2025-68282

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: udc: fix use-after-free in usbgadgetstatework A race condition during gadget teardown can lead to a use-after-free in usbgadgetstatework, as reported by KASAN: BUG: KASAN: invalid-access in sysfsnotify+0x2c/0xd0...

5.8AI score0.00173EPSS
Exploits0References34
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990104 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvcfunctionsetup permit...

7.8CVSS6.2AI score0.00271EPSS
Exploits0References4
CVE
CVE
added 2025/10/30 9:48 a.m.33 views

CVE-2025-40093

The CVE-2025-40093 entry concerns the Linux kernel USB gadget ECM (f_ecm) bind path. The vulnerability arises after a bind/unbind cycle where ecm->notify_req remains stale, causing a NULL pointer dereference when the system tries to free a request via ep->ops->free_request during a subse...

6.1AI score0.00183EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/22 1:23 p.m.12 views

CVE-2023-53693 USB: gadget: Fix the memory leak in raw_gadget driver

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

0.00195EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.8 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2025:03626-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03626-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: ...

8CVSS7AI score0.21314EPSS
Exploits3References264
OSV
OSV
added 2025/09/26 11:33 a.m.3 views

SUSE-SU-2025:03370-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix...

7.8CVSS7.3AI score0.00844EPSS
Exploits3References16
OSV
OSV
added 2025/09/23 7:55 a.m.11 views

SUSE-SU-2025:20786-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: - CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 - CVE-2025-38181: calipso: fix null-ptr-deref in...

7.8CVSS6.5AI score0.00844EPSS
Exploits3References13
OSV
OSV
added 2025/09/23 7:55 a.m.10 views

SUSE-SU-2025:20736-1 Security update for kernel-livepatch-MICRO-6-0_Update_9

This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: - CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499 - CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298...

7.8CVSS6.5AI score0.00162EPSS
Exploits0References5
CVE
CVE
added 2025/09/18 1:58 p.m.24 views

CVE-2023-53407

CVE-2023-53407 refers to a Linux kernel issue in USB gadget support for pxa27x_udc where memory leaks occur if debugfs_lookup() results are not released (dput). The resolution, as described in multiple sources, is to call debugfs_lookup_and_remove() which handles the lookup and cleanup in one ste...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.5 views

PT-2025-49444

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the USB gadget f fs functionality. Specifically, a NULL pointer dereference can occur in the ffs func eps enable function when accessing epfile-ep after a...

4.3CVSS5.3AI score0.00175EPSS
Exploits0
OSV
OSV
added 2025/08/18 3:55 p.m.4 views

SUSE-SU-2025:02848-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50211: md-raid10: fix KASAN warning bsc1245140. - CVE-2023-2176: Fixed an out-of-boundary read in comparenetdevandip in drivers/infiniband/core/cma.c in RDM...

7.8CVSS8.6AI score0.00294EPSS
Exploits2References41
BDU FSTEC
BDU FSTEC
added 2025/03/10 12:0 a.m.5 views

The vulnerability of the functions usbg_cmd_work() and bot_cmd_work() in the USB driver (drivers/usb/gadget/function/f_tcm.c) of the Linux kernel allows a hacker to induce a service failure.

The vulnerability of the functions usbgcmdwork and botcmdwork in the USB driver drivers/usb/gadget/function/ftcm.c of the Linux kernel is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS7.2AI score0.00218EPSS
Exploits0References13Affected Software4
OSV
OSV
added 2024/11/07 9:49 a.m.4 views

USN-7095-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.6AI score0.00478EPSS
Exploits4References198
OSV
OSV
added 2024/11/01 1:15 p.m.11 views

USN-7089-1 linux, linux-gcp-6.8, linux-hwe-6.8 vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.6AI score0.00478EPSS
Exploits4References197
OSV
OSV
added 2022/06/08 4:29 a.m.7 views

USN-5468-1 linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-intel-5.13, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS6.9AI score0.00612EPSS
Exploits7References7
Positive Technologies
Positive Technologies
added 2022/02/24 12:0 a.m.18 views

PT-2022-2366 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.12 Description: The issue is related to the Linux kernel's USB gadget driver, specifically in the udc-xilinx.c file. It involves an array index that is not properly validated, potentially allowing a remote...

10CVSS7.5AI score0.67994EPSS
Exploits197References1110
OSV
OSV
added 2022/02/16 8:15 p.m.9 views

UBUNTU-CVE-2022-25258

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests ones with a large array index and ones associated with NULL function pointer retrieval. Memory corruption might occur...

4.6CVSS6.7AI score0.00927EPSS
Exploits0References9
Rows per page
Query Builder