80 matches found
kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()
A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...
kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()
A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...
usbip: validate number_of_packets in usbip_pack_ret_submit()
...
CVE-2026-31607
In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...
EUVD-2026-25500
In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usbip driver’s function usbippackretsubmit, which does not validate the numberofpackets value...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001123)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001123 advisory. The stubsendretsubmit function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial o...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001248)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001248 advisory. In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can ...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001115)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001115 advisory. The stubrecvcmdsubmit function drivers/usb/usbip/stubrx.c in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMDSUBMIT packets allows...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001498)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001498 advisory. The getpipe function drivers/usb/usbip/stubrx.c in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003402)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003402 advisory. The stubsendretsubmit function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial o...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003550)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003550 advisory. In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002912)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002912 advisory. The usbiprecvxbuff function in drivers/usb/usbip/usbipcommon.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service out-of-bounds...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002811)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002811 advisory. The vhcihcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002657)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002657 advisory. The stubrecvcmdsubmit function drivers/usb/usbip/stubrx.c in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMDSUBMIT packets allows...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003414)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003414 advisory. The stubsendretsubmit function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial o...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002601 advisory. The usbiprecvxbuff function in drivers/usb/usbip/usbipcommon.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service out-of-bounds...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003437)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003437 advisory. The getpipe function drivers/usb/usbip/stubrx.c in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991182)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991182 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubpro...