40 matches found
SUSE CVE-2026-43488
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...
Astra Linux - уязвимость в qemu
A out-of-bounds write flaw was discovered in the UAS USB-attached SCSI device emulation in QEMU in versions prior to 6.2.0-rc0. The device uses the guest-provided stream number without proper checking, which can lead to out-of-bounds access to the UASDevice-data3 and UASDevice-status3 fields. A...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: USB: UAS – Fix for the URB unmapping issue when the UAS device is removed during ongoing data transfer When a UAS device is unplugged during data transfer, there is a possibility of a system panic occurring. The root cause is...
usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer
...
UBUNTU-CVE-2025-68331
In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a URB unmapping issue when a UAS device is removed during a data transfer, which could lead to a system pani...
PT-2025-52659
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains an issue within the USB subsystem related to unmapping URBs USB Request Blocks when a UAS USB Attached SCSI device is removed during data transfer. Specifically...
Remote code execution
Windows USB Attached SCSI UAS Protocol Remote Code Execution Vulnerability...
PT-2024-2292 · Microsoft · Windows Usb Attached Scsi (Uas) Protocol +1
Name of the Vulnerable Software and Affected Versions: Windows USB Attached SCSI UAS Protocol affected versions not specified Description: The issue is related to insufficient input validation in the Windows USB Attached SCSI UAS Protocol implementation, allowing remote attackers to execute...
KB5035885: Windows Server 2012 R2 Security Update (March 2024)
The remote Windows host is missing security update 5035885. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...
KB5035854: Windows 11 version 21H2 Security Update (March 2024)
The remote Windows host is missing security update 5035854. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...
KB5035845: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (March 2024)
The remote Windows host is missing security update 5035845. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...
Microsoft Windows USB Attached SCSI Security Vulnerability
Microsoft Windows USB Attached SCSI is a protocol for USB storage devices from Microsoft USA. A security vulnerability exists in Microsoft Windows USB Attached SCSI. An attacker could exploit the vulnerability to remotely execute code. The following products and editions are affected: Windows...
KB5035853: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (March 2024)
The remote Windows host is missing security update 5035853. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...
KB5035849: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2024)
The remote Windows host is missing security update 5035849. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...
KB5035856: Windows Server version 23H2 Security Update (March 2024)
The remote Windows host is missing security update 5035856. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...
An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked which can lead to out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host.
...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-1034)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:3653-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3653-1 advisory. - An out-of-bounds write flaw was found in the UAS USB Attached SCSI device emulation of QEMU in versions prior to 6.2.0-rc0. The...
SUSE-SU-2021:3653-1 Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: - Fix out-of-bounds write in UAS USB Attached SCSI device emulation bsc1189702, CVE-2021-3713 - Fix heap use-after-free in virtionetreceivercu bsc1189938, CVE-2021-3748...