CVE-2022-50468 platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init()

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosusbpdnotify: Fix error handling in crosusbpdnotifyinit The following WARNING message was given when rmmod crosusbpdnotify: Unexpected driver unregister! WARNING: CPU: 0 PID: 253 at drivers/base/driver.c:270...

CVE-2023-53475

CVE-2023-53475 affects the Linux kernel USB xHCI Tegra implementation. Root cause: sleep/alloc that can sleep (kasprintf) is invoked from an atomic context via tegra_xusb_padctl_get_usb3_companion -> tegra_xusb_find_port -> kasprintf, which is invalid in atomic contexts. Impact: potential c...

USN-7775-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

CVE-2025-39921

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: stop checking viability of op-maxfreq in supportsop callback In commit 13529647743d9 "spi: microchip-core-qspi: Support per spi-mem operation frequency switches" the logic for checking the viability of...

CVE-2025-39893 spi: spi-qpic-snand: unregister ECC engine on probe error and device remove

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: unregister ECC engine on probe error and device remove The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns with an error and also on device removal. Change...

RHEL 9 : kernel (RHSA-2025:17122)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17122 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: usb: dwc3: gadget: check that...

kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug

A flaw was found in the Linux kernel ALSA USB audio driver. This vulnerability allows a denial of service via a crafted USB audio device...

CVE-2025-10991

The attacker may obtain root access by connecting to the UART port and this vulnerability requires the attacker to have the physical access to the device. This issue affects Tapo D230S1 V1.20: before 1.2.2 Build 20250907...

CVE-2025-10991

CVE-2025-10991 affects TP-Link TP-Link Tapo D230S1 (V1.20) prior to 1.2.2 Build 20250907. The issue enables a local attacker to obtain root access by connecting to the UART port, requiring physical access to the device. Impact is described as total on technical metrics, with high confidentiality,...

CVE-2025-10991 Root Access via UART

The attacker may obtain root access by connecting to the UART port and this vulnerability requires the attacker to have the physical access to the device. This issue affects Tapo D230S1 V1.20: before 1.2.2 Build 20250907...

TP-Link Tapo D230S1 安全漏洞

TP-Link Tapo D230S1 is a wireless smart visual doorbell kit from China P&L TP-Link. A security vulnerability exists in versions prior to TP-Link Tapo D230S1 V1.20 1.2.2 Build 20250907, which originates from an attacker being able to gain root access by connecting to the UART port, which may resul...

PT-2025-39924

Name of the Vulnerable Software and Affected Versions Tapo D230S1 versions prior to 1.2.2 Build 20250907 Description An attacker may gain root access by connecting to the UART port. This requires physical access to the device. Recommendations Update to version 1.2.2 Build 20250907 or later...

SUSE-SU-2025:03413-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700536 fixes several issues. The following security issues were fixed: - CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. - CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298...

SUSE-SU-2025:03396-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055113 fixes several issues. The following security issues were fixed: - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. -...

usb: typec: ucsi: Limit read size on v1.2

...

OESA-2025-2348 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel's JSM serial driver, a resource leak vulnerability exists in the probe function. The error path needs to properly unwind instead of just returning directly, which may lead to resource leakage...

SUSE-SU-2025:03370-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix...

USN-7775-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

Ubuntu 22.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7775-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7775-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

USN-7774-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...