2433 matches found
CVE-2026-9976
Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-46184
A flaw was found in the Linux kernel's ua101 USB audio driver. A local attacker, by connecting a specially crafted USB audio device, could trigger a division-by-zero error. This occurs because the driver fails to validate the bNrChannels field, leading to a kernel crash. This vulnerability result...
CVE-2026-46184
In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...
CVE-2026-46151
In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...
CVE-2026-46109
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...
CVE-2026-46167 usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl
In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...
CVE-2026-46167
In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...
CVE-2026-46151
In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...
EUVD-2026-32773
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...
CVE-2026-46109
The CVE-2026-46109 issue concerns the Linux kernel USB ULPI code. Specifically, memory allocated for the ulpi structure could be leaked if ulpi_of_register() or ulpi_read_id() failed before device_register() was invoked, despite a previous fix targeting a different error path. The authoritative m...
CVE-2026-46109
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...
ALSA: caiaq: fix usb_dev refcount leak on probe failure
...
SUSE CVE-2026-46048
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...
SUSE CVE-2026-46091
In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...
SUSE CVE-2026-46103
In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...
CVE-2026-45923
A flaw was found in the Linux kernel's net: usb: catc driver. A malformed Universal Serial Bus USB device can present endpoint descriptors with transfer types that differ from what the driver expects. This can lead to the driver attempting to use incorrect endpoint types, potentially causing...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the short IEEE 1284 device ID response in the usb usblp protocol, leading to a heap leak and...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the resource lifecycle of the spi ch341 driver device is bound to the parent USB...
CVE-2026-46091
A flaw was found in the igorplugusb component of the Linux kernel. The USB request structure, when handled by Direct Memory Access DMA on certain host controllers, did not properly follow DMA coherency rules. This oversight could lead to data integrity issues or unexpected system behavior, as the...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the parseinterface function. An attacker can cause a crash of the application by providing a crafted USB configuration descriptor, such as via virtualized USB passthrough, file-based descriptor parsing, or...