CVE-2020-12293

Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

EUVD-2020-4601

Malware in sbrugna...

EUVD-2015-3714

Malware in sbrugna...

EUVD-2014-4425

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-27060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix NULL pointer dereference in tbportupdatecredits Olliver reported that his...

CVE-2025-38174 thunderbolt: Do not double dequeue a configuration request

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tbcfgrequestdequeue: general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: 91007 Comm: kworker/6:2...

CVE-2025-38174

The CVE-2025-38174 issue is in the Linux kernel Thunderbolt path: tb_cfg_request_work/tb_cfg_request_dequeue can schedule the same configuration request twice, causing a double list_del on ctl->request_queue and a potential general protection fault (non-canonical address 0xdead000000000122). T...

CVE-2023-53050

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in margining Memory for the usb4-margining needs to be relased for the upstream port of the router as well, even though the debugfs directory gets released with the router device removal. Fix this...

CVE-2024-46702

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed from the PCIe side as a result of NVM firmware authentication, if there is another...

CVE-2024-46702

CVE-2024-46702 (Linux kernel) relates to Thunderbolt: when a router is removed, the code previously blocked cleanup of XDomain paths due to tb_disconnect_xdomain_paths() racing with tb_stop() during host router NVM upgrade. The fix marks the XDomain as unplugged during removal, allowing tb_stop()...

Intel Thunderbolt Driver Advisory - Lenovo Support US

No description provided...

CVE-2024-27060

The CVE-2024-27060 issue affects the Linux kernel Thunderbolt driver, specifically a NULL pointer dereference in tb_port_update_credits() when handling Thunderbolt 1 devices with a single lane. The crash path traces to tb_port_do_update_credits and related hotplug/scan routines, leading to kernel...

The vulnerability of the DCH-compatible Thunderbolt driver, related to access control deficiencies, allows a hacker to disclose protected information.

The vulnerability of the DCH-compatible Thunderbolt driver is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to disclose protected information...

PT-2025-18814 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel related to thunderbolt, specifically in the margining functionality for usb4. The memory for usb4-margining needs to be...

Intel Thunderbolt controller 资源管理错误漏洞

Intel Thunderbolt controller is a connector standard published by Intel Corporation that supports both copper and fiber optic media and is intended to be used as a common bus between computers and other devices. A resource management error vulnerability exists in IntelR ThunderboltTM controllers,...

The vulnerability of Thunderbolt devices’ microcontrollers, related to errors in the implementation of backward compatibility mechanisms, allows attackers to gain direct access to the memory of computing devices to which Thunderbolt-enabled devices are connected.

The vulnerability of Thunderbolt device microcontrollers is related to errors in the implementation of backward compatibility mechanisms. Exploiting this vulnerability can allow an attacker to gain direct access to the memory of computing devices, to which Thunderbolt-enabled devices are connecte...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Thunderbolt component in the Mac OS X operating system is related to pointer assignment errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or trigger a service failure pointer zero assignment through a specially...

CVE-2016-4780

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...