CLSA-2025-1742471200 kernel: Fix of 19 CVEs

net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...

CLSA-2025-1742469561 kernel: Fix of 19 CVEs

net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...

The vulnerability of the freeep_fback() function in the drivers/usb/gadget/function/u_audio.c module of the Linux kernel driver allows a hacker to cause a service failure.

The vulnerability of the freeepfback function in the drivers/usb/gadget/function/uaudio.c file of the Linux kernel’s USB driver is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Exploit for CVE-2025-22954

Koha CVE-2025-22954: SQL Injection in lateissues-export.pl...

tty: xilinx_uartps: split sysrq handling

...

USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()

...

usb: xhci: Fix NULL pointer dereference on certain command aborts

...

soc: qcom: socinfo: Avoid out of bounds read of serial number

...

The vulnerability of the USB-Audio component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the USB-Audio component in the Linux operating system’s kernel is related to errors in reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Windows USB Video Class System Driver for operating systems allows a hacker to elevate their privileges to a system-level level.

The vulnerability of the Windows USB Video Class System Driver for Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system-level level...

usb: gadget: f_fs: Remove WARN_ON in functionfs_bind

...

AZL-58572 CVE-2025-21859 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

The vulnerability of the cxacru_bind() function in the USB driver (drivers/usb/atm/cxacru.c) of the Linux kernel allows a hacker to induce a service failure.

The vulnerability of the cxacrubind function in the USB driver drivers/usb/atm/cxacru.c of the Linux kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-24055

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

Microsoft Windows USB Video Class driver 缓冲区错误漏洞

Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to obtain sensitive information. The following produc...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...