Lucene search
K

236 matches found

Ubuntu
Ubuntu
added 2026/04/17 9:55 a.m.6 views

USN-8185-1: Linux kernel (NVIDIA) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
OSV
OSV
added 2026/04/17 9:36 a.m.11 views

USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.3AI score0.00378EPSS
Exploits0References175
Ubuntu
Ubuntu
added 2026/04/17 9:26 a.m.8 views

USN-8184-1: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007486 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function...

5.6AI score0.00207EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/04/16 2:13 p.m.8 views

USN-8179-1: Linux kernel vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/23 1:40 p.m.13 views

USN-8116-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM...

9.8CVSS6.5AI score0.00519EPSS
Exploits3
Ubuntu
Ubuntu
added 2026/02/17 3:24 p.m.19 views

USN-8048-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS7.4AI score0.00519EPSS
Exploits4
OSV
OSV
added 2026/02/12 10:55 a.m.17 views

USN-8033-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS6.9AI score0.00248EPSS
Exploits4References115
Ubuntu
Ubuntu
added 2026/02/12 10:55 a.m.17 views

USN-8033-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS5.9AI score0.00248EPSS
Exploits4
OSV
OSV
added 2026/02/12 10:40 a.m.14 views

USN-8033-1 linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS6.8AI score0.00248EPSS
Exploits4References115
OSV
OSV
added 2026/02/12 9:39 a.m.9 views

USN-8030-1 linux-gcp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS6.5AI score0.00519EPSS
Exploits4References367
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004896)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004896 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: Fix refcount leak in ehcihcdppcofprobe offindcompatiblenode returns a node pointer wit...

5.5CVSS6.4AI score0.0016EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-57981)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57981 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference ...

5.5CVSS5.3AI score0.00231EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.4 views

CVE-2025-68657

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, calls to hidhostdeviceclose can free the same usbtransfert twice. The USB event callback and user code share the hidifacet state without locking, so both can tear down a READY interface...

6.4CVSS7AI score0.00139EPSS
Exploits0References1
NVD
NVD
added 2026/01/12 6:15 p.m.6 views

CVE-2025-68657

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, calls to hidhostdeviceclose can free the same usbtransfert twice. The USB event callback and user code share the hidifacet state without locking, so both can tear down a READY interface...

6.4CVSS0.00139EPSS
Exploits0References3
OSV
OSV
added 2026/01/12 5:26 p.m.5 views

CVE-2025-68657 espressif/usb_host_hid Double-Free Race Condition in USB Host HID Device Close Path

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, calls to hidhostdeviceclose can free the same usbtransfert twice. The USB event callback and user code share the hidifacet state without locking, so both can tear down a READY interface...

6.4CVSS7AI score0.00139EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/12 5:26 p.m.20 views

CVE-2025-68657 espressif/usb_host_hid Double-Free Race Condition in USB Host HID Device Close Path

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, calls to hidhostdeviceclose can free the same usbtransfert twice. The USB event callback and user code share the hidifacet state without locking, so both can tear down a READY interface...

6.4CVSS0.00139EPSS
Exploits0References3
CVE
CVE
added 2026/01/12 5:23 p.m.15 views

CVE-2025-68656

CVE-2025-68656 affects the ESP-IDF USB Host HID Driver. Before 1.1.0, usb_class_request_get_descriptor() frees and reallocates hid_device->ctrl_xfer while continuing to use a stale local pointer, causing an immediate use-after-free when processing attacker-controlled Report Descriptor lengths....

6.8CVSS6.2AI score0.00183EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/12 5:23 p.m.5 views

CVE-2025-68656 Espressif ESP-IDF USB Host HID (Human Interface Device) Driver Descriptor Use-After-Free Vulnerability

Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, usbclassrequestgetdescriptor frees and reallocates hiddevice-ctrlxfer when an oversized descriptor is requested but continues to use the stale local pointer, leading to an immediate...

6.8CVSS6.5AI score0.00183EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/12 5:8 p.m.4 views

CVE-2025-68622 Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing

Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...

6.8CVSS6.6AI score0.00212EPSS
Exploits0References3
Rows per page
Query Builder