Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the subsequent call to sgpcopytobuffe...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following issues: - Splat: 167.057718 BUG: Sleeping function called from invalid context at include/linux/sched/mm.h:229...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don’t skip on “Stopped – Length Invalid” events. Until commit d56b0b2ab142 “usb: xhci: ensure skipped isochronous TDs are returned when the isochronous ring is stopped”, the driver did not skip missed isochronous TDs...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: Fixed an issue where shared HCD resources were leaked when attempting to set the wake-up IRQ. The issue occurred because it was not possible to set @sharedhcd to NULL before reducing the usage count using usbputhcd...

CVE-2026-43488

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

CVE-2026-43432

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check that the endpoint is valid before dereferencing it When the host controller is not responding, all URBs User-Randomized Block Structures queued for all endpoints need to be terminated. This can cause a kernel pan...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fixed the issue of NULL pointer dereferencing during certain command aborts. If a command is queued into the final usable TRB of a ring segment, the enqueue pointer is advanced to the next link TRB and nothing more. If...

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

CLSA-2026-1775657177 kernel: Fix of 9 CVEs

ovl: Filter invalid inodes with missing lookup function CVE-2024-56570 - ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 - media: imon: reorganize serialization CVE-2025-39993 - usb: xhci: Fix inverted ringxrunevent check in handletxevent CVE-2025-37882 - Revert "VFS: Impose ordering...

CLSA-2026-1775655363 kernel: Fix of 9 CVEs

ovl: Filter invalid inodes with missing lookup function CVE-2024-56570 - ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 - media: imon: reorganize serialization CVE-2025-39993 - usb: xhci: Fix inverted ringxrunevent check in handletxevent CVE-2025-37882 - Revert "VFS: Impose ordering...

SUSE CVE-2023-53840

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbcbulkwrite fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbctrace is called. Reserve an extra byte,...

CVE-2023-53840

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbcbulkwrite fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbctrace is called. Reserve an extra byte,...

SUSE-SU-2025:3751-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-57981)

usb: xhci: NULL pointer dereference on certain command aborts. If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is later aborted, when the abort completion is handled the dequeue pointer is...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:3725-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3725-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-22023: usb: xhci: Don't skip on Stopped - Length Invalid bsc1246754. CVE-2025-38089: sunrpc:...

EUVD-2017-18310

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986942 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check endpoint is valid before dereferencing it When the host controller is not...

EUVD-2022-55399

Malicious code in bioql PyPI...