The vulnerability of the spi component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the spi component of the Linux operating system’s kernel is related to a memory corruption in the regmapgetspibus function. Exploiting this vulnerability can allow an attacker to cause a system failure...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7123-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7123-1 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an...

USN-7089-7 linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

AZL-53843 CVE-2024-53083 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdrlen/txbuflen earlier If the read of USBPDPHYRXACKNOWLEDGEREG failed, then hdrlen and txbuflen are uninitialized. This commit stops to print uninitialized value and misleading/false data...

UBUNTU-CVE-2024-53046

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: 1.119072 ------------ cut...

SUSE CVE-2024-50267

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

DEBIAN-CVE-2024-50267

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

CVE-2024-50267

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

AZL-53721 CVE-2024-50267 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

UBUNTU-CVE-2024-50267

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

CVE-2024-50269 usb: musb: sunxi: Fix accessing an released usb phy

In the Linux kernel, the following vulnerability has been resolved: usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca "usb: musb: sunxi: Explicitly release USB PHY on exit" will cause that usb phy @glue-xceiv is accessed after released. 1 register platform driver...

CVE-2024-50267 USB: serial: io_edgeport: fix use after free in debug printk

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

CVE-2024-50267 USB: serial: io_edgeport: fix use after free in debug printk

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

CVE-2024-50267 USB: serial: io_edgeport: fix use after free in debug printk

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

CVE-2024-50267

CVE-2024-50267 — Linux kernel (USB: serial: io_edgeport) A use-after-free in a debug printk after usb_free_urb(urb) was fixed by storing the urb->dev pointer at the start of the function to avoid referencing a freed urb. The vulnerability affects the Linux kernel’s USB serial edgeport driver a...

CVE-2024-50267

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The "devdbg&urb-dev-dev, ..." which happens after usbfreeurburb is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid...

Google Android 安全漏洞

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Google Android Kernel component USB driver. An attacker can exploit this vulnerability to achieve elevation of...

PT-2024-34127

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The issue is related to a possible leak of kernel memory contents to a USB HID due to uninitialized data in the Linux kernel. This could lead to physical information disclosure with no...

Vulnerability discovered in Fortinet FortiManager

UPDATE Public proof of concept PoC code for the vulnerability is available. It applies to FortiManager variants that have not yet been patched. Also, researchers have discovered that Fortinet's patch did not fix the full chain of exploitation. Thus, it is still possible to execute code on a patch...

PT-2024-25212 · Digital Guardian · Digital Guardian Windows Agents

Name of the Vulnerable Software and Affected Versions: Digital Guardian Windows Agents versions prior to 8.2.0 Description: A security bypass issue exists in the Removable Media Encryption RME component, allowing users to circumvent encryption controls by modifying metadata on USB devices, thereb...