kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

The vulnerability of the uvc_status_init() function in the USB Video Class driver (drivers/media/usb/uvc/uvc_status.c) in Linux kernel allows a hacker to induce a service failure.

The vulnerability of the uvcstatusinit function in the USB Video Class driver drivers/media/usb/uvc/uvcstatus.c in Linux kernels is related to improper resource locking. Exploiting this vulnerability could allow a attacker to cause a service failure...

The vulnerability of the functions usbg_cmd_work() and bot_cmd_work() in the USB driver (drivers/usb/gadget/function/f_tcm.c) of the Linux kernel allows a hacker to induce a service failure.

The vulnerability of the functions usbgcmdwork and botcmdwork in the USB driver drivers/usb/gadget/function/ftcm.c of the Linux kernel is related to the repeated release of memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

usb: dwc3: gadget: Fix looping of queued SG entries

...

usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer

...

SUSE CVE-2025-21835

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from btusb mediatek not locking when calling usbdriverclaiminterface, which could result in an error...

Linux Distros Unpatched Vulnerability : CVE-2024-50267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: serial: ioedgeport: fix use after free in debug printk The devdbg&urb-dev-dev, ... which happens after usbfreeurburb is a use after free of the urb pointer...

Linux Distros Unpatched Vulnerability : CVE-2024-58007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial...

Linux Distros Unpatched Vulnerability : CVE-2024-26999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial/pmaczilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but i...

Linux Distros Unpatched Vulnerability : CVE-2024-43893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will...

USN-7294-4 linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

OESA-2025-1202 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registeri...

USN-7294-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

USN-7294-3 linux-ibm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

SUSE CVE-2024-57987

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...

SUSE CVE-2024-58007

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...

SUSE CVE-2025-21726

In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...