Lucene search
99 matches found

RedHat Linux
added 2023/11/07 9:3 a.m. · 3 views

kernel: xhci: Remove device endpoints from bandwidth list when freeing the device

A null pointer/list corruption flaw was found in the Linux kernel USB xHCI host controller code. When the xHCI host is dying or being removed, some device endpoints may remain on the software bandwidth list. Later cleanup deletes entries that were already freed, corrupting the list and crashing t...

CVSS 7.8 · AI score 7.2 · EPSS 0.00158
Exploits: 0 · References: 5

SUSE CVE
added 2023/08/08 1:32 a.m. · 4 views

SUSE CVE-2023-4010

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descripto...

CVSS 4.6 · AI score 6.3 · EPSS 0.00516
Exploits: 1 · References: 3

OSV
added 2023/07/31 5:15 p.m. · 8 views

CVE-2023-4010

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descripto...

CVSS 4.6 · AI score 6.5 · EPSS 0.00516
Exploits: 1 · References: 3

UbuntuCve
added 2023/07/31 5:15 p.m. · 27 views

CVE-2023-4010

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descripto...

CVSS 4.6 · AI score 5.8 · EPSS 0.00516
Exploits: 1 · References: 4

Vulnrichment
added 2023/07/31 4:22 p.m. · 13 views

CVE-2023-4010 Kernel: usb: hcd: malformed usb descriptor leads to infinite loop in usb_giveback_urb()

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descripto...

CVSS 4.6 · AI score 7 · EPSS 0.00516
Exploits: 1 · References: 3

RedHat Linux
added 2023/05/16 8:56 a.m. · 2 views

kernel: usb: xhci_plat_remove: avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: usb: xhci_plat_remove: avoid NULL dereference. Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a "usb: host: xhci-plat: omit shared hcd if either root hub has no ports" xhci->shared_hcd can be NULL, which causes the following Oops...

CVSS 5.5 · AI score 6.2 · EPSS 0.00175
Exploits: 0 · References: 5

SUSE CVE
added 2023/02/15 5:27 a.m. · 4 views

SUSE CVE-2014-5263

vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors...

CVSS 6.8 · AI score 7.2 · EPSS 0.01567
Exploits: 0 · References: 3

Positive Technologies
added 2023/01/31 12:0 a.m. · 3 views

PT-2023-34856 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.165 Description: The issue concerns the xhci component of the Linux Kernel, where an endpoint is not properly validated before being dereferenced. This could potentially lead to security vulnerabilities,...

AI score 7.4
Exploits: 0 · References: 1

Positive Technologies
added 2023/01/01 12:0 a.m. · 6 views

PT-2025-49731

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to out-of-bound memory access within the xhci-dbc driver. Specifically, if the xdbc bulk write function fails, the buffer used by the xdbc trace...

CVSS 7.8 · AI score 6.8 · EPSS 0.00465
Exploits: 2 · References: 896

Tenable Nessus
added 2021/06/28 12:0 a.m. · 67 views

Oracle Linux 7 : qemu (ELSA-2021-9335)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9335 advisory. - e1000: fail early for evil descriptor Jason Wang Orabug: 32560552 CVE-2021-20257 - Document CVE-2020-27661 as fixed Mark Kanda Orabug: 32960200...

CVSS 6.5 · AI score 6.5 · EPSS 0.00358
Exploits: 0 · References: 3

Microsoft CVE
added 2021/06/15 7:0 a.m. · 3 views

A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service.

...

CVSS 6.5 · AI score 7 · EPSS 0.00314
Exploits: 0

CNNVD
added 2021/06/02 12:0 a.m. · 5 views

QEMU Numeric Error Vulnerability

QEMU (Quick Emulator) is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A code issue vulnerability exists in QEMU, which stems from a division by zero issue found in the dwc2_handle_packet handler package in the...

CVSS 6.5 · AI score 5.7 · EPSS 0.00314
Exploits: 0 · References: 5

RedhatCVE
added 2020/10/22 5:5 p.m. · 34 views

CVE-2020-27661

A divide-by-zero flaw was found in QEMU in the dwc-hsotg (dwc2) USB host controller emulation. More specifically, HCCHAR_MPS was read from a device register and later used as a divisor without performing a sanity check. This flaw allows a malicious or buggy guest to crash the QEMU process on the hos...

CVSS 6.5 · AI score 2.6 · EPSS 0.00314
Exploits: 0 · References: 3

Positive Technologies
added 2020/08/15 12:0 a.m. · 3 views

PT-2020-6461

Name of the Vulnerable Software and Affected Versions QEMU version 5.0.0 Description The issue is related to the hw/usb/hcd-ohci.c component in the QEMU hardware emulator, which can lead to an infinite loop when a TD list has a loop. This can cause a denial of service. Recommendations For QEMU...

CVSS 6.8 · AI score 6.5 · EPSS 0.03566
Exploits: 1 · References: 164

RedHat Linux
added 2017/08/01 4:4 p.m. · 8 views

Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process...

CVSS 6 · AI score 7.4 · EPSS 0.00386
Exploits: 0 · References: 4

OSV
added 2017/06/08 12:0 a.m. · 2 views

UBUNTU-CVE-2017-9330

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505...

CVSS 5.6 · AI score 6.7 · EPSS 0.00348
Exploits: 0 · References: 3

OSV
added 2017/03/27 3:59 p.m. · 1 views

DEBIAN-CVE-2017-5973

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence...

CVSS 5.5 · AI score 6.9 · EPSS 0.00456
Exploits: 0 · References: 1

OSV
added 2016/12/10 12:59 a.m. · 3 views

ALPINE-CVE-2016-7995

Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes...

CVSS 6 · AI score 6.5 · EPSS 0.00394
Exploits: 0 · References: 1

CNVD
added 2016/02/27 12:0 a.m. · 3 views

QEMU 'hw/usb/hcd-ohci.c' Denial of Service Vulnerability

QEMU is a suite of analog processor software. A security vulnerability in QEMU 'hw/usb/hcd-ohci.c' allows attackers to exploit the vulnerability to crash the QEMU process and cause a denial of service...

CVSS 5 · AI score 6.7 · EPSS 0.00396
Exploits: 0 · References: 1