Lucene search
K

2433 matches found

Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.8 views

CVE-2026-9976

Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00296EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.13 views

CVE-2026-46184

A flaw was found in the Linux kernel's ua101 USB audio driver. A local attacker, by connecting a specially crafted USB audio device, could trigger a division-by-zero error. This occurs because the driver fails to validate the bNrChannels field, leading to a kernel crash. This vulnerability result...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.5CVSS0.00123EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.10 views

CVE-2026-46109

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...

5.5CVSS0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.31 views

CVE-2026-46167 usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

0.00128EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.10 views

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.7 views

CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
EUVD
EUVD
added 2026/05/28 9:36 a.m.11 views

EUVD-2026-32773

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.8AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:35 a.m.26 views

CVE-2026-46109

The CVE-2026-46109 issue concerns the Linux kernel USB ULPI code. Specifically, memory allocated for the ulpi structure could be leaked if ulpi_of_register() or ulpi_read_id() failed before device_register() was invoked, despite a previous fix targeting a different error path. The authoritative m...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.9 views

CVE-2026-46109

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:1 a.m.6 views

ALSA: caiaq: fix usb_dev refcount leak on probe failure

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.12 views

SUSE CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.9 views

SUSE CVE-2026-46091

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

3.3CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.10 views

SUSE CVE-2026-46103

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 1:12 a.m.10 views

CVE-2026-45923

A flaw was found in the Linux kernel's net: usb: catc driver. A malformed Universal Serial Bus USB device can present endpoint descriptors with transfer types that differ from what the driver expects. This can lead to the driver attempting to use incorrect endpoint types, potentially causing...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the short IEEE 1284 device ID response in the usb usblp protocol, leading to a heap leak and...

5.8AI score0.00123EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the resource lifecycle of the spi ch341 driver device is bound to the parent USB...

5.8AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 5:27 p.m.13 views

CVE-2026-46091

A flaw was found in the igorplugusb component of the Linux kernel. The USB request structure, when handled by Direct Memory Access DMA on certain host controllers, did not properly follow DMA coherency rules. This oversight could lead to data integrity issues or unexpected system behavior, as the...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/27 3:39 p.m.9 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the parseinterface function. An attacker can cause a crash of the application by providing a crafted USB configuration descriptor, such as via virtualized USB passthrough, file-based descriptor parsing, or...

6.9CVSS5.8AI score0.00184EPSS
Exploits0References2
Rows per page
Query Builder