Lucene search
K

36 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: libertas – fixed a warning in the usbtxblock function. The function usbtxblock submits cardp-txurb without ensuring that any previous transmissions on this URB have been completed. If a second call occurs while the URB is...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: media: zr364xx: fixed a memory leak in zr364xxstartreadpipe syzbot reported a memory leak in the zr364xx driver. The issue occurred in non-freeed urb situations when usbsubmiturb failed. Backtrace: kmalloc...

5.5CVSS6AI score0.00245EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/13 3:36 a.m.11 views

SUSE CVE-2026-43180

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX queue manipulation in kawethsetrxmode kawethsetrxmode, the ndosetrxmode callback, calls netifstopqueue and netifwakequeue. These are TX queue flow control functions unrelated to RX multicast...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28736

In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which...

5.8AI score0.00089EPSS
Exploits0References9
NVD
NVD
added 2026/05/08 3:16 p.m.13 views

CVE-2026-43430

In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which...

4.7CVSS0.00089EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 3:16 p.m.5 views

UBUNTU-CVE-2026-43425

In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.34 views

CVE-2026-43430 usb: yurex: fix race in probe

In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which...

0.00089EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.7 views

CVE-2026-43430

In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which...

5.8AI score0.00089EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.34 views

CVE-2026-43223 media: pvrusb2: fix URB leak in pvr2_send_request_ex

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2sendrequestex When pvr2sendrequestex submits a write URB successfully but fails to submit the read URB e.g. returns -ENOMEM, it returns immediately without waiting for the write URB to complete...

0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/05/06 11:27 a.m.22 views

CVE-2026-43180

The CVE-2026-43180 issue affects the Linux kernel kaweth USB Ethernet driver. The function kaweth_set_rx_mode() improperly manipulates the TX queue by calling netif_stop_queue() followed by netif_wake_queue(), which can wake the TX queue while a tx_urb is still in flight, causing a double usb_sub...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed...

5.5CVSS6.2AI score0.00128EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/01 10:34 p.m.6 views

CVE-2026-31757

A flaw was found in the Linux kernel. Specifically, within the USB subsystem usbio, a memory leak occurs when a Universal Serial Bus USB Request Block URB submission fails during the device probing process. This failure to free the allocated URB memory can lead to a gradual depletion of system...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/01 12:23 a.m.6 views

SUSE CVE-2026-23021

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...

3.3CVSS5.8AI score0.00149EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2026-23021

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...

5.5CVSS6AI score0.00149EPSS
Exploits0References25
EUVD
EUVD
added 2026/01/31 11:39 a.m.7 views

EUVD-2026-5073

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...

5.8AI score0.00149EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/01/23 2:25 p.m.31 views

CVE-2025-71154 net: usb: rtl8150: fix memory leak on usb_submit_urb() failure

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

0.00114EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:25 p.m.3 views

CVE-2025-71154

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

5.2AI score0.00114EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2025/12/30 3:30 p.m.5 views

EUVD-2023-60371

In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...

6AI score0.00177EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2025/12/23 3:51 a.m.5 views

SUSE CVE-2025-68331

In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...

6.3CVSS6.5AI score0.00193EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.9 views

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38567)

wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports 1 hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a specific 4th endpoint, since it can switch types between bulk and interrupt, other endpoint...

5.5CVSS6.6AI score0.00254EPSS
Exploits0References2
Rows per page
Query Builder