net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()

...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014335 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: isp116x: fix memory leak with using debugfslookup When calling debugfslookup the result must...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014331 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: isp1362: fix memory leak with using debugfslookup When calling debugfslookup the result must...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014337 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa27xudc: fix memory leak with using debugfslookup When calling debugfslookup the...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014354 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfslookup When calling debugfslookup the result must ha...

[SECURITY] Fedora 44 Update: qt6-qtspeech-6.10.3-1.fc44

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

[SECURITY] Fedora 44 Update: qt6-qtserialbus-6.10.3-1.fc44

Qt Serial Bus API provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and others...

[SECURITY] Fedora 44 Update: qt6-qtserialport-6.10.3-1.fc44

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

[SECURITY] Fedora 44 Update: mingw-qt6-qtserialport-6.10.3-1.fc44

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

SUSE CVE-2026-31549

In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...

SUSE CVE-2026-31582

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix use-after-free on USB disconnect After powerzdisconnect frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferences the freed URB pointer...

SUSE CVE-2026-31604

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...

SUSE CVE-2026-31640

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpcpostresponse, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...

Linux Distros Unpatched Vulnerability : CVE-2026-31582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: powerz Fix use-after-free on USB disconnect After powerzdisconnect frees the URB and releases the mutex, a subsequent powerzread call can acquire the mut...

Linux Distros Unpatched Vulnerability : CVE-2026-31549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the...

CVE-2026-31640

A flaw was found in the Linux kernel's rxrpc component. This vulnerability occurs in the rxrpcpostresponse function, where the system incorrectly compares a newer network packet's data instead of the expected cached response. This error causes the challenge serial number comparison to always be...

CVE-2026-31560

A flaw was found in the Linux kernel's spi-dw-dma component. When the system attempts to complete a Serial Peripheral Interface SPI transaction, an error in handling a missing device message can lead to a system crash. This vulnerability could result in a Denial of Service DoS...

CVE-2026-31549

A flaw was found in the Linux kernel's cp2615 driver. A malicious device can exploit this vulnerability by not providing a USB device serial string. This improper handling of the serial string during the i2c adapter name assignment can trigger a NULL-pointer dereference, leading to a system crash...

DEBIAN-CVE-2026-31640

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpcpostresponse, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...

CVE-2026-31640

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpcpostresponse, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...