Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021622 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...

Important: Red Hat Security Advisory: golang-github-openprinting-ipp-usb security update

An update for golang-github-openprinting-ipp-usb is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface

A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface...

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. In affected versions the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read...

kernel: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs ISERR bug The qmpusbiomap helper function currently returns the raw result of devmioremap for non-exclusive mappings. Since devmioremap may return a NULL pointer and the caller only checks error...

Security update provided in Brocade ASCG3.4.0b Base OS (OVA Deployment) for Rocky Linux Kernel

Security update provided in Brocade ASCG3.4.0b Base OS OVA Deployment for Rocky Linux Kernel CVE-2022-50673 - Linux Kernel 'ext4' Vulnerable to Use-After-Free via Improper Error Handling in 'ext4orphancleanup' CVE-2022-50865 - Linux Kernel Vulnerable to Signed Integer Overflow via Backlog Limit...

RHEL 10 : golang-github-openprinting-ipp-usb (RHSA-2026:19049)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19049 advisory. HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-U...

RHEL 10 : golang-github-openprinting-ipp-usb (RHSA-2026:19144)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19144 advisory. HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-U...

CVE-2026-43327

A flaw was found in the Linux kernel's USB dummy-hcd driver. A race condition between a USB reset operation and a driver unbind operation can lead to a synchronization error. This allows a local attacker with physical access to a USB device to trigger an addressing exception, causing a system cra...

hdd-toolkit

HDD Firmware Toolkit A comprehensive Python toolkit for dumpi...

CLSA-2026-1778787063 kernel: Fix of 122 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - mptcp: always handle address removal under msk socket lock CVE-2025-21875 - uprobes: Reject the shared zeropage in uprobewriteopcode CVE-2025-21881 - net: hns3: make sure ptp clock is unregister and freed if hclgeptpgetcycle returns an...

SUSE CVE-2026-43479

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

SUSE CVE-2026-43488

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

CVE-2026-34963

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

Linux Distros Unpatched Vulnerability : CVE-2026-43479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in...

EUVD-2026-30015

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

CVE-2026-43488

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

UBUNTU-CVE-2026-43479

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

CVE-2026-43488

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

CVE-2026-43479

The CVE-2026-43479 entry concerns the Linux kernel’s LAN78xx USB Ethernet driver. A WARN was observed in __netif_napi_del_locked during USB device disconnect because netif_napi_del() was redundantly called in the disconnect path while NAPI was still enabled. The fix removes this redundant call si...