166 matches found
Astra Linux - vulnerability in linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_acm: Refactor the bind path to use __free(). After a bind/unbind cycle, acm->notify_req remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request, resulting in ...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check the control transfer buffer size before performing access operations. If the first fragment is shorter than struct usb_cdc_notification, we cannot calculate the expected_size. Instead, log an error and discar...
PT-2026-36097
Name of the Vulnerable Software and Affected Versions: Multicluster Engine (affected versions not specified); Red Hat Advanced Cluster Management (affected versions not specified). Description: A flaw in the assisted-service REST API, an optional Assisted Installer component in the Multicluster Engine,...
LSN-0119-1 Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action. At btrfs_ref_tree_mod(), after we successfully inserted the new ref entry (local variable 'ref') into the respective block entry's rbtree (local variable 'be'), if we find an...
Avigilon ACM - Host Header Injection
A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. id: CVE-2025-56266 info: name: Avigilon ACM - Host Header Injection author: DhiyaneshDK severity: medium description: | A Host Header Injection vulnerability in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003949)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003949 advisory. In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004416)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004416 advisory. In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002558)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002558 advisory. The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000788)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000788 advisory. The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer...
ROS-20260114-7324
A vulnerability in the drivers/usb/class/cdc-acm.c component of the Linux kernel is related to errors in processing length parameters. Exploitation of the vulnerability could allow an attacker to affect data integrity...
CVE-2025-68919
CVE-2025-68919 affects Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express (DX/AF Management Software). The issue arises because maintenance data collected by the system can be accessed by a non-admin principal, potentially exposing data and impacting confidentiality (C), with limited integrity/a...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28048)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28048 advisory. - netfilter: nf_tables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38744086 CVE-2025-38678 - PCI: rcar: Demote WARN to...
CLSA-2025-1763734783 kernel: Fix of 64 CVEs
media: bttv: fix use after free error due to btv->timeout timer CVE-2023-52847 - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock: Fix transport TOCTOU CVE-2025-38461 - ALSA:...
SUSE CVE-2025-40094
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_acm: Refactor bind path to use __free(). After a bind/unbind cycle, the acm->notify_req is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
EUVD-2025-36984
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_acm: Refactor bind path to use __free(). After a bind/unbind cycle, the acm->notify_req is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
UBUNTU-CVE-2025-40094
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_acm: Refactor bind path to use __free(). After a bind/unbind cycle, the acm->notify_req is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2025-40094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: f_acm: Refactor bind path to use __free(). After a bind/unbind cycle, the acm->notify_req is left stale. If a subsequent bind fails, the unified error lab...
EUVD-2020-26532
Malware in sbrugna...
EUVD-2013-6758
Malware in sbrugna...
EUVD-2025-27159
Malicious code in bioql PyPI...