[SECURITY] Fedora 42 Update: golang-github-openprinting-ipp-usb-0.9.30-7.fc42

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol...

CGA-X722-G652-7933

Bulletin has no description...

USN-7853-3 linux-azure, linux-azure-4.15 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

EUVD-2025-38049

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...

[SECURITY] Fedora 42 Update: qt5-qtserialbus-5.15.18-1.fc42

Qt Serial Bus API provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and others...

[SECURITY] Fedora 42 Update: qt5-qtserialport-5.15.18-1.fc42

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

[SECURITY] Fedora 42 Update: qt5-qtspeech-5.15.18-1.fc42

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

PT-2025-45256

Name of the Vulnerable Software and Affected Versions Elspec G5 versions through 1.2.2.19 Description A person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port. Recommendations Versions prior to...

CVE-2025-59392

The CVE describes a vulnerability in Elspec G5 devices (versions up to and including 1.2.2.19) where a user with physical access can reset the Admin password by inserting a USB drive containing a publicly documented reset string. Root cause is physical access combined with USB-based reset data; i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990417)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990417 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 tty: serialcore: convert...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990600)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990600 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: properly check endpoint type Syzbot reported warning in usbsubmiturb which is cause...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990576)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990576 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an...

CVE-2025-21073

Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability...

CVE-2025-21073

Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989496 advisory. In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in...

SAMSUNG SMR 安全漏洞

SAMSUNG SMR is a system patch package from the South Korean company Samsung SAMSUNG. It provides patches for Samsung cell phone applications. A security vulnerability exists in versions prior to SAMSUNG SMR Nov-2025 Release 1, which stems from the presence of an insecure default configuration for...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989800 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: common: usb-conn-gpio: fix NULL pointer dereference of charger When power on system with OTG...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989571 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port A pending hrtime...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989585 advisory. In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989185 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fix a memory leak in error handling path In the probe function, if t...