892 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000264)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000264 advisory. In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000280)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000280 advisory. In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000199)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000199 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000206)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000206 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
PT-2026-6178
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the usb 8dev read bulk callback function within the usb 8dev driver of the Linux kernel. This issue occurs because the USB framework unanchors URBs before the...
SUSE CVE-2023-54270
In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...
EUVD-2023-60527
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...
CVE-2023-54270
In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...
UBUNTU-CVE-2022-50829
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...
can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header
...
CVE-2025-68343
CVE-2025-68343 in the Linux kernel affects the can: gs_usb driver (gs_usb_receive_bulk_callback). The vulnerability arises from not validating the actual_length before accessing the gs_host_frame header, risking dereference of an incomplete header. The fix uses struct_group to describe the header...
CVE-2025-68343
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...
Linux Distros Unpatched Vulnerability : CVE-2025-68343
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback...
SUSE CVE-2025-68307
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68307
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
UBUNTU-CVE-2025-68290
In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...
UBUNTU-CVE-2025-68308
In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...
CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68307
CVE-2025-68307 – Linux kernel can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs. Root cause: missing cleanup of failed URB transfers, decreasing available URBs per error by 1, which can degrade performance and may halt transmission. Affected: linux kernel driver can: gs...
PT-2025-51702
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth subsystem, specifically in the btusb mediatek driver. A NULL dereference issue exists in the btusb mtk claim iso intf function. This...