rxrpc: Fix delayed ACKs to not set the reference serial number

...

ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()

...

serial: sc16is7xx: fix TX fifo corruption

...

USN-7737-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; -...

CVE-2023-21473

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

CVE-2023-21473

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

CVE-2023-21472

Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader...

kernel: USB: core: Fix deadlock in port "disable" sysfs attribute

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port disable sysfs attribute The Linux kernel CVE team has assigned CVE-2024-26933 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26933-c18d@gregkh/T...

PUB-A-418774137

In drawsurfaceimage of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for...

Linux Distros Unpatched Vulnerability : CVE-2025-38584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - padata: Fix pd UAF once and for all There is a race condition/UAF in padatareorder that goes back to the initial commit. A reference count is taken at the start...

Linux Distros Unpatched Vulnerability : CVE-2025-51824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcsp 2.0 is vulnerable to Buffer Overflow in the cspusartopen function at drivers/usart/zephyr.c. CVE-2025-51824 Note that Nessus relies on the presence of th...

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...

Linux Distros Unpatched Vulnerability : CVE-2020-11039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled nearly arbitrary memory can be read and written due to...

CVE-2025-51643

Meitrack T366G-L GPS Tracker devices contain an SPI flash chip Winbond 25Q64JVSIQ that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of...

Meitrack T366G-L GPS Tracker 安全漏洞

Meitrack T366G-L GPS Tracker is a vehicle GPT locator from Meitrack China. A security vulnerability exists in the Meitrack T366G-L GPS Tracker, which originates from improper access control of the SPI flash memory chip and could lead to the disclosure of sensitive configuration data...

Linux Distros Unpatched Vulnerability : CVE-2021-22173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file CVE-2021-22173 Note that Ness...

Linux Distros Unpatched Vulnerability : CVE-2021-37155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP...

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...

CVE-2025-25735

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers PRRs, allowing attackers with software running on the system to modify SPI flash in real-time...

CVE-2025-25735

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers PRRs, allowing attackers with software running on the system to modify SPI flash in real-time...