CVE-2025-55097 Potential out-of-bounds read in _ux_host_class_audio_streaming_sampling_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudiostreamingsamplingget when parsing a descriptor of an USB streaming device...

CVE-2025-55097

CVE-2025-55097 affects the USBX USB host module in Eclipse ThreadX prior to version 6.4.3, where an out-of-bounds read can occur in _ux_host_class_audio_streaming_sampling_get() while parsing a USB streaming device descriptor. The issue is described across multiple sources (NVD, Red Hat, CVE reco...

CVE-2025-55096 Inadequate bounds check and potential underflow in _ux_host_class_hid_report_descriptor_get()

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclasshidreportdescriptorget when parsing a descriptor of an USB HID device...

Eclipse ThreadX USBX 数字错误漏洞

Eclipse ThreadX USBX is an open source USB host, device and mobile embedded stack for Eclipse ThreadX. A numeric error vulnerability exists in Eclipse ThreadX USBX versions prior to 6.4.3 that stems from a possible out-of-bounds read when parsing USB HID device descriptors...

Eclipse ThreadX USBX 缓冲区错误漏洞

Eclipse ThreadX USBX is an open source USB host, device and mobile embedded stack for Eclipse ThreadX. A buffer error vulnerability exists in Eclipse ThreadX USBX versions prior to 6.4.3 that stems from a potential out-of-bounds read issue when parsing USB stream device descriptors...

SUSE-SU-2025:03613-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortname...

ROS-20251016-04

Vulnerability of X509VERIFYPARAMadd0policy function of OpenSSL library is related to errors in the procedure of of certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack. remotely to perform a...

kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...

PT-2025-44279

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ALSA subsystem, specifically within the try to register card function. The function passes the return value of usb ifnum to if directly to usb...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition in the usb-audio component that could lead to reuse after release...

RHEL 9 : kernel (RHSA-2025:18054)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18054 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netsched: hfsc: Fix a potenti...

EUVD-2025-34416

Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally...

CVE-2025-55676 Windows USB Video Class System Driver Information Disclosure Vulnerability

...

Windows USB Video Class System Driver Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally...

PT-2025-42026

Name of the Vulnerable Software and Affected Versions Windows USB Video Driver affected versions not specified Description The Windows USB Video Driver exhibits a flaw where the generation of error messages can expose sensitive information locally to an authorized attacker. The issue allows for t...

Linux Distros Unpatched Vulnerability : CVE-2022-50544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with...

Linux Distros Unpatched Vulnerability : CVE-2023-53687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: serial: samsungtty: Fix a memory leak in s3c24xxserialgetclk when iterating clk When the best clk is searched, we iterate over all possible clk. If we find...

EUVD-2025-33909

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

CVE-2025-11644

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

CVE-2025-11644

Tomofun Furbo 360 and Furbo Mini expose a UART Interface weakness that can lead to insecure storage of sensitive information. The flaw affects Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074, requiring physical access to the device and described as high complexity to exploit, wit...