Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fixed invalid pointer dereferencing in Etron handling. This check is performed before preparetransfer and preparering, so enqueue can already point to the final link TRB of a segment. Indeed, this happens about 0.4% of...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: serial: mctrlgpio: The disablems function has been split into sync and nosync APIs. The following issue was observed on the SAMA5D27 platform using the atmelserial: BUG: A sleeping function was called from an invalid context at...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: fmidi: fmidicomplete calling queuework When using USB MIDI, a lock attempt is made twice through a reentrant call to fmiditransmit, resulting in a deadlock. The issue is fixed by using queuework to schedule the inner...

PT-2025-30776

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a system hang can occur during suspend/resume operations when a USB gadget device is enabled as Ethernet and data transfer is in progress. This...

[SECURITY] Fedora 42 Update: qt6-qtserialbus-6.9.1-1.fc42

Qt Serial Bus API provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and others...

[SECURITY] Fedora 42 Update: qt6-qtserialport-6.9.1-1.fc42

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

PT-2025-25243 · Autel · Autel Maxicharger Ac Wallbox

Name of the Vulnerable Software and Affected Versions: Autel MaxiCharger AC Wallbox affected versions not specified Description: The issue concerns a dangerous method information disclosure vulnerability where the commercial serial number is exposed. This vulnerability was discovered by Sina...

USN-7553-6 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Clock framework and drivers; - GPU drivers; - Parport drivers; - Ext4 file system; - JFFS2 file system; - JFS file...

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s USB kernel component is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

UBUNTU-CVE-2025-37994

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...

CVE-2024-33374

Incorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows attackers to access the root terminal without authentication...

CVE-2024-30212

If a SCSI READ10 command is initiated via USB using the largest LBA 0xFFFFFFFF with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works to wri...

CVE-2024-55412

A vulnerability exits in driver snxpsamd.sys in SUNIX Serial Driver x64 - 10.1.0.0, which allows low-privileged users to read and write arbitary i/o port via specially crafted IOCTL requests . This can be exploited for privilege escalation, code execution under high privileges, and information...

CVE-2024-47146

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal...

CVE-2024-54127

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

CVE-2023-30354

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...

CVE-2023-52457

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pmruntimeresumeandget failed Returning an error code from .remove makes the driver core emit the little helpful error message: remove callback returned a non-zero value. This wil...

CVE-2023-46078

Cross-Site Request Forgery CSRF vulnerability in PluginEver WC Serial Numbers plugin = 1.6.3 versions...

CVE-2023-30732

Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number...

CVE-2023-26109

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...