kernel: ALSA: usb-audio: Fix out of bounds reads when finding clock sources

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw can allow an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by reading arbitrary system memory...

kernel: ALSA: usb-audio: Fix out of bounds reads when finding clock sources

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw can allow an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by reading arbitrary system memory...

Vulnerability of the cdnsp_endpoint_init() function in the drivers/usb/cdns3/cdnsp-mem.c module – The driver for supporting USB devices in Linux kernels allows a hacker to cause a service failure.

Vulnerability of the cdnspendpointinit function in the drivers/usb/cdns3/cdnsp-mem.c module – The driver for supporting USB devices in Linux kernels is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...

HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()

...

can: etas_es58x: fix potential NULL pointer dereference on udev->serial

...

spi: sn-f-ospi: Fix division by zero

...

The vulnerability of the Linux operating system’s driver/usb/typec/ucsi/ucsi.c code allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s driver/usb/typec/ucsi/ucsi.c code relates to pointer aliasing. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-26639

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally...

The vulnerability of the usb_find_common_endpoints() function in the USB driver (drivers/usb/atm/cxacru.c) of Linux kernel allows a hacker to induce a service failure.

The vulnerability of the usbfindcommonendpoints function in the USB driver drivers/usb/atm/cxacru.c of Linux kernel systems is related to insufficient validation of input data during the processing of endpoints. Exploiting this vulnerability can allow attackers to cause service failures...

USN-7407-1 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7392-3 linux-aws vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

DEBIAN-CVE-2025-21916

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a commit authored by me 2eabb655a968 "usb: atm: cxacru: fix endpoint...

DEBIAN-CVE-2025-21917

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the notifyhotplugwork When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer...

UBUNTU-CVE-2025-21918

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

UBUNTU-CVE-2025-21916

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a commit authored by me 2eabb655a968 "usb: atm: cxacru: fix endpoint...

CVE-2025-21917 usb: renesas_usbhs: Flush the notify_hotplug_work

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the notifyhotplugwork When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iOS is a...

CVE-2025-30854

Cross-Site Request Forgery CSRF vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through = 2.7....

CVE-2025-2919

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device...

USN-7387-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...