6979 matches found
CVE-2026-53194
A flaw was found in the Linux kernel's kl5kusb105 USB serial driver. This buffer overflow vulnerability allows a local attacker to write data beyond the intended memory boundary. By sending a specially crafted input to the USB serial port, an attacker can trigger an out-of-bounds write, which may...
CVE-2026-53195
A flaw was found in the USB: serial: ioti module of the Linux kernel. The buildi2cfwhdr function allocates a fixed-size buffer but copies data into it without properly validating the input length from the firmware header. This oversight allows an attacker to provide a crafted firmware image,...
CVE-2026-53107
A flaw was found in the Linux kernel's Wi-Fi Libertas driver. This issue occurs when the system attempts to terminate USB Request Blocks URBs from an interrupt context, which can lead to the system attempting to sleep in an inappropriate context. This can cause system instability or prevent furth...
EUVD-2026-39286
In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...
CVE-2026-53195
In the Linux kernel USB serial driver io_ti, CVE-2026-53195 describes a heap-overflow in build_i2c_fw_hdr(). The function allocates a fixed buffer ((16*1024 - 512) + sizeof(struct ti_i2c_firmware_rec)) and then copies img_header->Length bytes without validating that Length fits into the remain...
CVE-2026-48720
creationtimestamp| type| source ---|---|--- 2026-06-24 22:17:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp2wyyhzc72i...
EUVD-2026-38905
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix deadlock in hidpostreset You can build a USB device that includes a HID component and a storage or UAS component. The components can be reset only together. That means that hidprereset and hidpostreset are in the...
CVE-2026-48867
creationtimestamp| type| source ---|---|--- 2026-06-22 19:18:08+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3movm2czvz423...
CVE-2026-9456
creationtimestamp| type| source ---|---|--- 2026-06-22 04:16:36+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3motzobguut2b...
kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...
kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc2: Fixed a device leak in hwenable upon suspend/resume. Every time the platform enters low-power mode, the PM suspend/resume routines call dwc2lowlevelhwenable - devmaddactionorreset. This adds a new device entry each...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use sndcardfreewhenclosed when there is a disconnection. The USB disconnection callback should be short and not too long. Alternatively, the current code uses sndcardfree when there is a disconnection, but this waits...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove the SCSI host only if it has been added. If the host attempts to remove the ufshcd driver from a UFS device, a kernel panic will occur if the ufshcdasyncscan function fails during ufshcdprobehba. This issu...
Astra Linux – Vulnerability in Linux, Linux 5.10
In lgprobe and related functions of hid-lg.c and other USB HID files, there is a possible out-of-bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device is connected, without the need for additional execution privileges. User...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: HID: hid-thrustmaster: A warning was fixed in thrustmasterprobe by adding an endpoint check. syzbot has identified a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are correctly configured, and the MIDIStreaming endpoint descriptors contain the correct information, the values of bNumEmbMIDIJack and bLength are se...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net:mctp: Fix for device leak on probe failure The driver core holds a reference to the USB interface and its parent USB device while the interface is bound to the driver. There is no need to hold additional references unless tho...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel version up to 6.1.9, there is a use-after-free issue in the bigbenremove function within the drivers/hid/hid-bigbenff.c file, caused by a crafted USB device. This issue arises because the LED controllers remain registered for an excessively long period of time...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: bcm63xxudc: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must be processed by calling dput; otherwise, a memory leak will occur over time. To simplify things, simply call...