Lucene search
K

102 matches found

AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl818x: Kill URBs before clearing the txstatusqueue In rtl8187stop, the call to usbkillanchoredurbs is moved before clearing the btxstatusqueue. This change prevents callbacks from using already freed skb because the ancho...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2025/10/15 8:15 a.m.4 views

UBUNTU-CVE-2025-39997

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in sndusbmidifree The previous commit 0718a78f6a9f "ALSA: usb-audio: Kill timer properly at removal" patched a UAF issue caused by the error timer. However, because the error timer kill...

5.7AI score0.00187EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3055

Malware in sbrugna...

2.1CVSS6AI score0.00452EPSS
Exploits0References34
CVE
CVE
added 2025/10/04 3:16 p.m.20 views

CVE-2022-50484

CVE-2022-50484 affects the Linux kernel ALSA USB audio driver. The vulnerability is a memory leak when -ENOMEM occurs during URB/buffer allocation inside the sync EP URB loop, where ep->nurbs remained 0 and partially allocated URBs could be left unreleased. The fix initializes ep->nurbs ear...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References9Affected Software1
SUSE CVE
SUSE CVE
added 2025/09/22 11:28 p.m.4 views

SUSE CVE-2025-22050

In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...

5.5CVSS6.1AI score0.00166EPSS
Exploits0References17
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.8 views

media: streamzap: fix race between device disconnection and urb callback

...

4.7CVSS6.8AI score0.00133EPSS
Exploits0
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.8 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bcd2000 failing to kill urb on the wrong path, which could lead to reuse after release...

7.8CVSS6.3AI score0.00204EPSS
Exploits0References10
OSV
OSV
added 2025/02/27 3:15 a.m.7 views

UBUNTU-CVE-2025-21742

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...

7.1CVSS6.5AI score0.00208EPSS
Exploits0References19
Vulnrichment
Vulnrichment
added 2025/02/27 2:12 a.m.6 views

CVE-2025-21742 usbnet: ipheth: use static NDP16 location in URB

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...

7.4AI score0.00208EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.14 views

PT-2025-16667

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition in the Linux kernel's streamzap driver can cause a general protection fault due to a NULL pointer dereference of the dev-raw pointer. This occurs because rc unregister...

4.7CVSS5.5AI score0.00133EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/11/05 5:7 p.m.3 views

CVE-2024-50100 USB: gadget: dummy-hcd: Fix "task hung" problem

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy-hcd driver was changed to use hrtimers instead of regular timers. It turns out that the problems ar...

7.6AI score0.00233EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability due to incomplete USB endpoint checking that could result in the wrong endpoint type being use...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2024/06/22 3:35 a.m.11 views

SUSE CVE-2024-38567

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports 1 hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a specific 4th endpoint,...

5.5CVSS6.3AI score0.00254EPSS
Exploits0References16
OSV
OSV
added 2024/06/20 12:15 p.m.2 views

DEBIAN-CVE-2022-48760

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usbkillurb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usbkillurb to return. It turns out the issue is not unlinking the URB; that works just fine...

7.1CVSS5.5AI score0.00186EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/05/29 2:18 p.m.5 views

SUSE CVE-2023-52855

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In dwc2hcdurbenqueue, "urb-hcpriv = NULL" is executed without holding the lock "hsotg-lock". In dwc2hcdurbdequeue: spinlockirqsave&hsotg-lock, flags;...

5.5CVSS6.6AI score0.00245EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.1 views

SUSE CVE-2019-19078

A memory leak in the ath10kusbhiftxsg function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering usbsubmiturb failures, aka CID-b8d17e7d93d2...

4.6CVSS6.4AI score0.06623EPSS
Exploits0References9
Zero Day Initiative
Zero Day Initiative
added 2022/10/21 12:0 a.m.29 views

Oracle VirtualBox VRDP Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of USB Request Block messages. The issue results from the lack of proper...

8.1CVSS3.4AI score0.01635EPSS
Exploits0References1
myhack58
myhack58
added 2019/08/27 12:0 a.m.160 views

2019 Pwn2Own for compromised VMware virtual machine escape vulnerability analysis-vulnerability warning-the black bar safety net

At this year's Vancouver Pwn2Own contest during Fluoroacetate team shows them through the use of VMware Workstation from the client virtual machine to escape to the physical machine. They use the virtual USB 1.1 UHCI postage host controller interface in the cross-border read/write vulnerabilities...

0.6AI score
Exploits0
OpenVAS
OpenVAS
added 2008/10/24 12:0 a.m.27 views

Wireshark Multiple Vulnerabilities (Oct 2008) - Linux

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

5CVSS6.4AI score0.0929EPSS
Exploits2References2
OSV
OSV
added 2008/10/22 6:0 p.m.5 views

CVE-2008-4680

packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service application crash or abort via a malformed USB Request Block URB...

6.3AI score
Exploits0References14
Rows per page
Query Builder