Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inconsistent state of the usb cdns3 gadget driver upon initialization failure, which could lead to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb dwc2 gadget driver calling dwc2gadgetexitclockgating without holding a lock in the dwc2hsotgudcstop...

PT-2026-36356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the USB gadget HID function where list and spinlock initializations were performed during the bind process. Specifically, queues registered via poll wait were...

PT-2026-36359

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f eem component where the net device is allocated during function instance creation and registered during the bind phase. When the function unbinds, the...

PT-2026-36363

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the gether disconnect and eth stop functions. If eth stop is triggered concurrently while gether disconnect is tearing down endpoints, eth stop may attemp...

PT-2026-36361

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition in the USB gadget UVC USB Video Class component can lead to a NULL pointer dereference. During power management transitions, the wait event interruptible timeout functio...

PT-2026-36364

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds array access can occur in the ucsi connector change function. This happens because the connector number extracted from the Command Completion Interface CCI via UCSI CCI...

PT-2026-36357

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the USB gadget RNDIS component allows a network device to persist after the bind and unbind process, creating a zombie device. This occurs because the net device is allocated...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb ulpi driver releasing ulpi again after calling putdevice in the ulpiregisterinterface error path,...

PT-2026-36394

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the USB ULPI Ultra Low Power Interface component. When the device register function fails, ulpi register invokes put device on ulpi-dev. The device release...

PT-2026-36355

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack out-of-bounds write exists in the f audio complete function. The issue occurs because the function copies req-length bytes into a 4-byte stack variable using memcpy. Since...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb usbtmc driver not refreshing the anchor URB in usbtmcrelease, which could lead to reuse after releas...

PT-2026-36390

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the cdns3 gadget ep queue function when a gadget endpoint is disabled or not yet configured. In these states, the ep-desc pointer can be NULL, leadin...

PT-2026-36389

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A state inconsistency occurs in the cdns3 USB driver when cdns3 gadget start fails. In this scenario, the Dual-Role Device DRD hardware remains in gadget mode while the software state is...

CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface

A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface...

eMPIA AVACAST 代码问题漏洞

eMPIA AVACAST is a USB video capture and encoding device developed by eMPIA in Taiwan, China. eMPIA AVACAST has a code vulnerability that stems from an unreferenced service path. This vulnerability could allow privileged local attackers to place malicious executable files in specific directories...