Lucene search
+L

236 matches found

redhatcve
redhatcve
added 2025/06/20 10:4 a.m.4 views

CVE-2022-49943

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udcmutex A recent commit expanding the scope of the udclock mutex in the gadget core managed to cause an obscure and slightly bizarre lockdep violation. In abbreviated form:...

7CVSS7.2AI score0.00141EPSS
Exploits0References4
cve
cve
added 2025/06/18 10:59 a.m.80 views

CVE-2022-49944

CVE-2022-49944 concerns the Linux kernel where a regression from the commit 87d0e2f41b8c in usb: typec: ucsi: add a common function ucsi_unregister_connectors() left a stale sysfs entry with NULL ops, causing a NULL dereference while reading the power supply sysfs and leaving the power device unr...

5.5CVSS6.7AI score0.00179EPSS
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2025/05/23 9:27 a.m.6 views

CVE-2024-12656

A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The...

6.8CVSS6.7AI score0.00311EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 3:5 a.m.5 views

CVE-2023-20630

In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628505; Issue ID: ALPS07628505...

6.7CVSS6.6AI score0.00099EPSS
Exploits0References1
cve
cve
added 2025/05/20 5:9 p.m.133 views

CVE-2025-37985

CVE-2025-37985 affects the Linux kernel USB wdm subsystem, specifically a race between wdm_open and wdm_wwan_port_stop. The issue arises if WDM_WWAN_IN_USE is not cleared last, allowing opening a chardev whose URBs may still be poisoned. Impact is local, with potential to exploit the race to caus...

4.7CVSS6.5AI score0.0011EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2025/05/02 3:55 p.m.12 views

CVE-2023-53062 net: usb: smsc95xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory conten...

0.00166EPSS
Exploits0References8
amazon
amazon
added 2025/04/30 12:0 a.m.4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fix double increment of clientcount in dmachanget CVE-2022-49753 In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels CVE-2022-50816 A memory...

7.8CVSS6.1AI score0.00391EPSS
Exploits0
mscve
mscve
added 2025/04/17 9:43 p.m.25 views

Chromium: CVE-2025-3620 Use after free in USB

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.00261EPSS
Exploits0
nvd
nvd
added 2025/04/16 9:15 p.m.13 views

CVE-2025-3620

Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00261EPSS
Exploits0References2
cvelist
cvelist
added 2025/04/16 8:57 p.m.20 views

CVE-2025-3620

Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00261EPSS
Exploits0References2
cve
cve
added 2025/04/16 8:57 p.m.97 views

CVE-2025-3620

CVE-2025-3620 is a use-after-free in USB handling within Google Chrome/Chromium, fixed in 135.0.7049.95 for Chromium-based builds. The vulnerability allows a remote attacker to trigger heap corruption via a crafted HTML page, with high impact across confidentiality, integrity, and availability as...

8.8CVSS7AI score0.00261EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2025/04/16 10:23 a.m.16 views

CVE-2025-22023 usb: xhci: Don't skip on Stopped - Length Invalid

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 "usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped" in v6.11, the driver didn't skip missed isochronous TDs when handling...

0.00172EPSS
Exploits0References4
osv
osv
added 2025/04/16 10:23 a.m.9 views

CVE-2025-22022 usb: xhci: Apply the link chain quirk on NEC isoc endpoints

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 one with start/stop bug, one without were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...

7.8CVSS6.4AI score0.00175EPSS
Exploits0References11
osv
osv
added 2025/04/01 3:40 p.m.13 views

CVE-2025-21916 usb: atm: cxacru: fix a flaw in existing endpoint checks

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a commit authored by me 2eabb655a968 "usb: atm: cxacru: fix endpoint...

5.5CVSS6.1AI score0.002EPSS
Exploits0References13
vulnrichment
vulnrichment
added 2025/03/21 10:20 p.m.8 views

CVE-2025-26500 VxWorks 7 USB Failure

: Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation. Specifically crafted USB packets may lead to the system becoming unavailable This issue affects VxWorks 7: from 22.06 through 24.03...

4.6CVSS7.1AI score0.00206EPSS
Exploits0References1
cvelist
cvelist
added 2025/03/21 10:20 p.m.17 views

CVE-2025-26500 VxWorks 7 USB Failure

: Uncontrolled Resource Consumption vulnerability in Wind River Systems VxWorks 7 on VxWorks allows Excessive Allocation. Specifically crafted USB packets may lead to the system becoming unavailable This issue affects VxWorks 7: from 22.06 through 24.03...

4.6CVSS0.00206EPSS
Exploits0References1
debiancve
debiancve
added 2025/03/12 9:42 a.m.6 views

CVE-2025-21859

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

5.5CVSS5.5AI score0.00162EPSS
Exploits0
cvelist
cvelist
added 2025/03/11 4:59 p.m.30 views

CVE-2025-24987 Windows USB Video Class System Driver Elevation of Privilege Vulnerability

...

6.6CVSS0.00639EPSS
Exploits0References1
thn
thn
added 2025/02/28 4:48 p.m.30 views

Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone

A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploi...

7.8CVSS6.8AI score0.03558EPSS
Exploits1
cvelist
cvelist
added 2025/02/28 12:0 a.m.13 views

CVE-2024-44754

Cryptographic key extraction from internal flash in Minut M2 with firmware version 15142 allows physically proximate attackers to inject modified firmware into any other Minut M2 product via USB...

0.00208EPSS
Exploits0References1
Rows per page
Query Builder