RHEL 10 : golang-github-openprinting-ipp-usb (RHSA-2026:10133)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:10133 advisory. HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB...

CVE-2026-31497

A flaw was found in the Linux kernel's Bluetooth USB btusb driver. An attacker with control over Bluetooth connections could trigger an out-of-bounds read in the btusbwork function. This occurs because the function, which maps active Synchronous Connection-Oriented SCO links to USB alternate...

EUVD-2026-24870

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: clamp SCO altsetting table indices btusbwork maps the number of active SCO links to USB alternate settings through a three-entry lookup table when CVSD traffic uses transparent voice settings. The lookup current...

CVE-2026-31497

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: clamp SCO altsetting table indices btusbwork maps the number of active SCO links to USB alternate settings through a three-entry lookup table when CVSD traffic uses transparent voice settings. The lookup current...

CVE-2026-31497

The CVE-2026-31497 entry concerns the Linux kernel Bluetooth USB (btusb) driver. The issue arises in btusb_work(), which maps the number of active SCO links to USB alternate settings using a three-entry table. It indexes alts[] with data->sco_num - 1 without constraining sco_num to the number ...

SUSE-SU-2026:21283-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark

A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...

freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb

A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an oversight in the SCO backup settings table index in the btusb driver. This oversight may lead to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-013411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013411 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of remainskbs hifdev-remainskb is allocated and used...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013646 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of urbs in ath9khifusbdealloctxurbs Syzkaller reports a...

PT-2026-34402

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the Bluetooth component, the btusb work function maps the number of active SCO links to USB alternate settings using a three-entry lookup table when CVSD traffic uses transparent voic...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013731 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013792)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013792 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013533)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013533 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musbgadget.c rxstate overflow bug The usb function device call musbgadgetqueue ad...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013724)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013724 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013541)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013541 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013744)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013744 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from...

EUVD-2026-24163

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011411 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability...