Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hwmon: corsair-cpro Validates the size of the received input buffer. Add bufferrecvsize to store the size of the received bytes. Validate bufferrecvsize in sendusbCmd...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validating UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified to ensure that their sizes match the declared lengths, and that they fit within the allocated buffer sizes as well...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: usb: gadget: Fixed a use-after-free in compositedevcleanup. 1. In func configfscompositebind - compositeosdescreqprepare: If kmalloc fails, the pointer cdev-osdescreq will be freed but will not be set to NULL. As a result, the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: The numconnectors field is incorrectly handled. The UCSI specification states that the numconnectors field consists of 7 bits, with the 8th bit reserved and should be set to zero. Some faulty firmware has been...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: pegasus-notetaker – fixed potential out-of-bounds access issues. In the pegasusnotetaker driver, the pegasusprobe function allocates the URB transfer buffer using the wMaxPacketSize value from the endpoint descriptor. An...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba This issue was discovered by Atuin – the Automated Vulnerability Discovery Engine. newpba is derived from the status packet returned after each write operation. A malicious device...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Media: imon: Make sendpacket more robust syzbot reports that imon has three problems that result in hung tasks due to continuously holding the device lock 1. The first problem is that when usbrxcallbackintf0 receives an -EPROT...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: kvaserusb: leaf: Fix potential infinite loop in command parsers The functions kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback contain logic for handling zero-length commands. These commands are used to align data with the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In btusb, there is an issue where the cleanup operations during btusbdisconnect are not performed in the correct order, leading to a Use-After-Free UAF condition. There is also a KASAN issue in btusbdisconnect: A re...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Added endpoint checks The syzbot fuzzer was able to trigger a WARNING message from the radio-shark2 driver: ------------ Cut here ------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 0 PID: 327...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fixed a potential out-of-bounds error in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. This means that "newcam" can be as high as 255, while the size of the uc-updated array i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Use the correct buffer size when parsing configfs lists This commit fixes the support for the uvc gadget on 32-bit platforms. The commit 0df28607c5cb “usb: gadget: uvc: Generalize helper functions for reuse”...

usb: gadget: f_hid: move list and spinlock inits from bind to alloc

...

Linux Distros Unpatched Vulnerability : CVE-2026-31728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2026-31723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fsubset: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase...

Linux Distros Unpatched Vulnerability : CVE-2026-31724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: feem: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase wit...

Linux Distros Unpatched Vulnerability : CVE-2026-31722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: frndis: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase...

Linux Distros Unpatched Vulnerability : CVE-2026-31758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors...

Linux Distros Unpatched Vulnerability : CVE-2026-31720

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf...