Lucene search
+L

236 matches found

NVD
NVD
added 2024/09/13 6:15 a.m.12 views

CVE-2024-46674

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...

7.8CVSS0.00278EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/09/13 5:29 a.m.17 views

CVE-2024-46674 usb: dwc3: st: fix probed platform device ref count on probe error path

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...

6.9AI score0.00278EPSS
Exploits0References8
CVE
CVE
added 2024/09/13 5:29 a.m.116 views

CVE-2024-46674

CVE-2024-46674 affects the Linux kernel USB/DWC3 ST platform path. The vulnerability stems from a probe error path that drops a platform device reference count due to an unused undo_platform_dev_alloc, causing unbalanced references and potential use-after-free when devm-managed resources are rele...

7.8CVSS7.3AI score0.00278EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2024/09/13 5:29 a.m.21 views

CVE-2024-46674 usb: dwc3: st: fix probed platform device ref count on probe error path

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...

7.8CVSS6.1AI score0.00278EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2024/09/11 3:13 p.m.11 views

CVE-2024-45027

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check for xhci-interrupters being allocated in xhcimemclearup If xhcimeminit fails, it calls into xhcimemcleanup to mop up the damage. If it fails early enough, before xhci-interrupters is allocated but after...

5.5CVSS5.6AI score0.00206EPSS
Exploits0
Cvelist
Cvelist
added 2024/09/04 6:35 p.m.36 views

CVE-2024-44960 usb: gadget: core: Check for unset descriptor

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn't properly set up the endpoint for...

0.00232EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2024/07/31 9:17 a.m.16 views

CVE-2024-42085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIGUSBDWC3DUALROLE is selected, and trigger system to enter suspend status with below command: echo mem /sys/power/state There...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/16 12:25 p.m.14 views

CVE-2022-48836 Input: aiptek - properly check endpoint type

In the Linux kernel, the following vulnerability has been resolved: Input: aiptek - properly check endpoint type Syzbot reported warning in usbsubmiturb which is caused by wrong endpoint type. There was a check for the number of endpoints, but not for the type of endpoint. Fix it by replacing old...

6.5AI score0.00242EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/16 12:25 p.m.21 views

CVE-2022-48834 usb: usbtmc: Fix bug in pipe direction for control transfers

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Fix bug in pipe direction for control transfers The syzbot fuzzer reported a minor bug in the usbtmc driver: usb 5-1: BOGUS control dir, pipe 80001e80 doesn't match bRequestType 0 WARNING: CPU: 0 PID: 3813 at...

6.7AI score0.0026EPSS
Exploits0References5
NVD
NVD
added 2024/07/16 10:15 a.m.25 views

CVE-2023-52886

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev-descriptor in hubportinit Syzbot reported an out-of-bounds read in sysfs.c:readdescriptors: BUG: KASAN: slab-out-of-bounds in readdescriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Re...

6.4CVSS0.00328EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/07/16 10:15 a.m.14 views

CVE-2023-52886

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev-descriptor in hubportinit Syzbot reported an out-of-bounds read in sysfs.c:readdescriptors: BUG: KASAN: slab-out-of-bounds in readdescriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Re...

6.4CVSS6.2AI score0.00328EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/16 9:40 a.m.11 views

CVE-2023-52886 USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev-descriptor in hubportinit Syzbot reported an out-of-bounds read in sysfs.c:readdescriptors: BUG: KASAN: slab-out-of-bounds in readdescriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Re...

6.7AI score0.00328EPSS
Exploits0References6
CVE
CVE
added 2024/07/16 9:40 a.m.87 views

CVE-2023-52886

The CVE-2023-52886 entry describes a race in the Linux kernel USB core where hub_port_init() can overwrite udev->descriptor while read_descriptors() (sysfs.c) is reading it, enabling a slab-out-of-bounds read (KASAN) observed in syzbot. The root cause is a race between read_descriptors() and h...

6.4CVSS7.4AI score0.00328EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/07/16 9:40 a.m.24 views

CVE-2023-52886 USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev-descriptor in hubportinit Syzbot reported an out-of-bounds read in sysfs.c:readdescriptors: BUG: KASAN: slab-out-of-bounds in readdescriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Re...

0.00328EPSS
Exploits0References6
NVD
NVD
added 2024/06/20 12:15 p.m.22 views

CVE-2022-48761

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 1 PREEMPT SMP Modules linked in: CPU: 2 PID: 244...

5.3CVSS0.00212EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/06/20 11:26 a.m.29 views

CVE-2021-47582

In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...

3.3CVSS7.3AI score0.00198EPSS
Exploits0References4
CVE
CVE
added 2024/06/20 11:13 a.m.92 views

CVE-2022-48761

CVE-2022-48761 affects the Linux kernel USB xhci-plat code. The issue occurs on platforms like i.MX8QM during suspend with remote wake enabled, where xhci_suspend disables the hub wake and then accesses registers after the device clock is gated by run-time suspend. The underlying root cause was t...

5.3CVSS7AI score0.00212EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/06/20 11:13 a.m.21 views

CVE-2022-48760 USB: core: Fix hang in usb_kill_urb by adding memory barriers

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usbkillurb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usbkillurb to return. It turns out the issue is not unlinking the URB; that works just fine...

7.1CVSS6AI score0.00186EPSS
Exploits0References12
OSV
OSV
added 2024/06/19 3:15 p.m.28 views

CVE-2021-47582

In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...

5.5CVSS8.1AI score
Exploits0References2
NVD
NVD
added 2024/06/19 3:15 p.m.16 views

CVE-2021-47582

In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...

5.5CVSS0.00198EPSS
Exploits0References2
Rows per page
Query Builder