165 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001617 advisory. drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have...
CVE-2026-22859
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
UBUNTU-CVE-2026-22859
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
CVE-2026-22859
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
CVE-2026-22859 FreeRDP has a heap-buffer-overflow in urb_select_configuration
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
EUVD-2026-2668
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
CVE-2026-22859
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
FreeRDP 输入验证错误漏洞
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. An input validation error vulnerability exists in versions prior to FreeRDP 3.20.1, which stems from a URBDRC client not performing a bounds check on the server-supplied MSUSBINTERFACEDESCRIPTOR...
PT-2026-2939
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw where the URBDRC client does not validate server-provided MSUSB INTERFACE DESCRIPTOR values. This lack of bounds checki...
PT-2026-27656
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Near Field Communication NFC functionality using the PN533 driver. Specifically, the driver fails to properly release a reference to the USB...
CVE-2022-50829
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...
CVE-2022-50829 wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...
CVE-2022-50829
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...
CVE-2025-68298 Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Avoid btusbmtkclaimisointf NULL deref In btusbmtksetup, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM That function can return NULL in some cases. Even when it returns NULL, though...
CVE-2025-40283
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusbdisconnect to avoid UAF There is a KASAN: slab-use-after-free read in btusbdisconnect. Calling "usbdriverreleaseinterface&btusbdriver, data-intf" will free the btusb data associated with...
CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...
PT-2025-49376
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ALSA subsystem, specifically in the snd usb mixer controls badd function. A NULL pointer dereference can occur when processing USB audio devic...
CVE-2025-59705
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...
CVE-2025-59705
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...
EUVD-2025-200262
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivation of the USB interface" or F01...