net: usb: rtl8150: fix memory leak on usb_submit_urb() failure

...

CVE-2026-25603

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context o...

CVE-2026-3201

A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service. Mitigation If the USB HID protocol dissector is not being used, it can be...

EUVD-2026-8660

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

AZL-78336 CVE-2026-3201 affecting package wireshark 4.4.7-1

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

UBUNTU-CVE-2026-3201

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3201

Wireshark CVE-2026-3201 affects Wireshark 4.6.0–4.6.3 and 4.4.0–4.4.13. Root cause: missing limit checks in USB HID protocol dissector's parse_report_descriptor, causing memory exhaustion and denial of service. Mitigation: apply the available patch/update (e.g., Wireshark 4.6.4 or vendor advisori...

CVE-2026-3201 Improperly Controlled Sequential Memory Allocation in Wireshark

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3201

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3201 Improperly Controlled Sequential Memory Allocation in Wireshark

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3201

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

CVE-2026-25603

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context o...

CVE-2026-25603 Path Traversal vulnerability in Linksys MR9600, Linksys MX4200

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context o...

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

golang-github-openprinting-ipp-usb security update

0.9.27-5 - rebuilt to fix CVE-2025-68121, CVE-2025-61726...

Medium: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed aft...

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...