892 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004357)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004357 advisory. In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3qcomcreateursusbplatdev return value expects it to be NULL in the error case,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000575)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000575 advisory. An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003989)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003989 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003749)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003749 advisory. An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2usb.c driver...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002153)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002153 advisory. The clie5attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service NULL...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002897)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002897 advisory. An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003067)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003067 advisory. An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003137)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003137 advisory. Memory leak in the airspyprobe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003334 advisory. drivers/media/usb/dvb-usb/dib0700devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service BUG and system crash or possibly have...
kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...
kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001693)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001693 advisory. mcbausbstartxmit in drivers/net/can/usb/mcbausb.c in the Linux kernel through 5.17.1 has a double free. Tenable has extracted the preceding description block directl...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001691)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001691 advisory. usb8devstartxmit in drivers/net/can/usb/usb8dev.c in the Linux kernel through 5.17.1 has a double free. Tenable has extracted the preceding description block directl...
CVE-2025-71082 Bluetooth: btusb: revert use of devm_kzalloc in btusb
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devmkzalloc in btusb This reverts commit 98921dbd00c4e "Bluetooth: Use devmkzalloc in btusb.c file". In btusbprobe, we use devmkzalloc to allocate the btusb data. This ties the lifetime of all the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: The mcbausb driver fails to populate the ndochangemtu function, allowing for a buffer overflow. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The onl...
Linux Distros Unpatched Vulnerability : CVE-2025-71082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: btusb: revert use of devmkzalloc in btusb This reverts commit 98921dbd00c4e Bluetooth: Use devmkzalloc in btusb.c file. In btusbprobe, we use...
Linux Distros Unpatched Vulnerability : CVE-2025-68781
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The delayed work item otgevent is initialized in fslotgconf and scheduled under two...
CVE-2022-33711
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000199)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000199 advisory. In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000280)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000280 advisory. In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka...