Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: usb-storage: alauda: Fixed the uninit-value issue in alaudacheckmedia. Syzbot reported that KMSAN complained about accessing an uninitialized value within the alauda subdriver of usb-storage. Bug: KMSAN: uninit-value in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013092)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013092 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about acce...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011002)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011002 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about acce...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013241)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013241 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about acce...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005553 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member uzonesize of struct...

CVE-2019-16574

A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVE-2019-16573

A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

SUSE CVE-2023-53847

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

EUVD-2023-60149

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

CVE-2023-53847

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

DEBIAN-CVE-2023-53847

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

UBUNTU-CVE-2023-53847

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

CVE-2023-53847 usb-storage: alauda: Fix uninit-value in alauda_check_media()

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

CVE-2023-53847

CVE-2023-53847 affects the Linux kernel usb-storage alauda subdriver. The root cause is alauda_check_media() using USB transfer data without verifying transfer success, risking uninitialized data usage; a related issue exists in alauda_get_media_status(). The fix adds a check for transfer success...

CVE-2023-53847

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

CVE-2023-53847 usb-storage: alauda: Fix uninit-value in alauda_check_media()

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alaudatransport+0x462/0x57f0...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from usb-storage alauda not verifying the USB transfer state, which could lead to the use of uninitialized data...

PT-2025-49738

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.0-rc7+ Description The usb-storage alauda subdriver contains a flaw where alauda check media does not verify successful USB transfers before utilizing the received data. This can lead to access of uninitializ...

Linux Distros Unpatched Vulnerability : CVE-2023-53847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb-storage: alauda: Fix uninit-value in alaudacheckmedia Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-38619)

usb-storage: alauda: Check whether the media is initialized. The member uzonesize of struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing divide errors in alaudareaddata and alaudawritelba. This plugin only works with Tenable.ot. Please visit...